wob.at

HTML metadata

Technology

Server

nginx

CMS

Joomla

PHP

8.2.31 security-only

Third-party hosts loaded (2)

• static.elfsight.com×1
• world-spirits.com×1

Social

• youtube
• facebook
• instagram
• linkedin

DNS records live

NS

• dns.dns1.de
• dns.dns2.de
• dns.dns3.de
• dns.dns4.de

MX

• 5 sbs.wob.at

Email authentication strong

SPF

v=spf1 mx a:sbs.wob.at a:sbs1.wob.at a:sbs2.wob.at a:wob.at -all

strict (-all)

DMARC

v=DMARC1; p=reject; sp=reject; aspf=s; adkim=r;

policy: reject (enforced) · sp=reject

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://wob.at/en/

present

• content-security-policy
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (13)

• youtube.com×1
• world-spirits.com×1
• wolframortner.com×1
• wikipedia.org×1
• nockland-whisky.com×1
• linkedin.com×1
• iws.tv×1
• instagram.com×1
• google.com×1
• facebook.com×1
• faboba.com×1
• apple.com×1
• amazon.de×1

Linked from (4)

• wolframortner.com×1
• iws.tv×1
• nockland-whisky.com×1
• world-spirits.com×1