zt-archiv.at
HTML metadata
DNS records live
- NS
-
- ns.nextlayer.at
- sec1.rcode0.net
- sec2.rcode0.net
- MX
-
- 0 ztarchiv-at0e.mail.protection.outlook.com
- TXT
-
MxfC6jZzNc0M2g6d6e+LqELj38b3EAx/EHO+rYAbeSYVqWZbTDWaIWQXLk8ocQ+CAhugzBnIUicZ8nSUSznGYQ==
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com ip4:92.60.12.160/28 ip4:213.235.245.128/29 ip4:195.182.26.0/24 ip4:80.82.206.211/32 ip4:92.60.12.164 ip4:92.60.12.165 ip4:92.60.12.166 ip4:92.60.12.167 ip4:92.60.12.168 ip4:92.60.12.169 ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
DigiCert Global G2 TLS RSA SHA256 2020 CA1
Expires in 98 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self' https://www.zt-archiv.at https://cms.zt-archiv.at; script-src 'self' https://www.zt-archiv.at https://cms.zt-archiv.at blob:; img-src 'self' https://cms.zt-archiv.at; worker-src 'self' blob:; connect-src 'self' https://eu-api.friendlycaptcha.eu https://api.friendlycaptcha.com https://www.baik-archiv.at https://cms.zt-archiv.at https://www.zt-archiv.at/ https://zt-archiv.at/ http://localhost:21912 https://127.0.0.1:3496; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' https://*.a-trust.at mailto:- strict-transport-security
max-age=31536000; includeSubDomains
Linked from (2)
- arching.at×1
- zt.at×1