auri.at
HTML metadata
Technology
- Cookie consent
-
- OneTrust
Third-party hosts loaded (2)
- cdn.cookielaw.org×1
- js.hcaptcha.com×1
DNS records live
- NS
-
- ns0115.secondary.cloudflare.com
- ns0233.secondary.cloudflare.com
- MX
-
- 0 auri-at.mail.protection.outlook.com
- TXT
-
pnCnxVE0SbSOv/XW9Z4RcvZ+7uBHsgqx51LlbQCdJyBE2zmXkCV3Ua0PKlZ/NDYEs6/52HJUbCUwwyLgWN8MIg==
- Verified for
-
- Brevo
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:spf.auri.at.eu-7yizepaq.e1.dspf.app include:csa.wwwserver.net -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:7yizepaq@ag.eu.dmarcadvisor.com; ruf=mailto:7yizepaq@fr.eu.dmarcadvisor.compolicy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0v4F+GhDjZ58NGGiwY6vZJwH/VEk2fK4lquCTAk5ykdY6pnYuece9lD+DDBSNFz3aTn7Rm+zPWHXv… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed - selector1:
Certificate (current)
Entrust OV TLS Issuing RSA CA 2
Expires in 118 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), autoplay=(self), camera=(), clipboard-read=(self), clipboard-write=(self), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(self), serial=(), storage-access=(), sync-xhr=(), unload=(), usb=(), window-management=(), window-placement=(self), xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' https://challenges.cloudflare.com https://www.youtube.com https://cdn.mouseflow.com https://emggfx.auri.at https://d1mxyhmor38cww.cloudfront.net/latest/groupcms.js https://d1mxyhmor38cww.cloudfront.net/dev/groupcms.js https://cdn.adjust.com https://cdn.cookielaw.org https://connect.facebook.net https://googleads.g.doubleclick.net https://snap.licdn.com 'unsafe-inline' 'unsafe-eval' https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://*.gstatic.com https://*.google.com https://*.ggpht.com https://*.googleusercontent.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://hcaptcha.com https://*.hcaptcha.com https://fonts.googleapis.com; connect-src 'self' https://eu01.rec.mouseflow.com https://o2.mouseflow.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-de.onetrust.com https://app.adjust.co- strict-transport-security
max-age=63072000; includeSubDomains;- cross-origin-opener-policy
same-origin
Links to (1)
Use this data via API
Everything on this page for auri.at is available as JSON from the indexo.dev REST & MCP API.
curl "https://indexo.dev/api/v1/domains/auri.at" \ -H "X-API-Key: idx_..."