auxiliumgruppe.de
HTML metadata
Technology
- Server
- railway-edge
- CMS
- Next.js
Third-party hosts loaded (1)
- images.ctfassets.net×23
Social
Contact
Registration
- Updated
- 2025-02-26
- Name servers
-
- a-dns-service.de.
- ns3.kas-dns-server.de.
- ns5.kasserver.com.
- ns6.kasserver.com.
DNS records live
- NS
-
- a-dns-service.de
- ns3.kas-dns-server.de
- ns5.kasserver.com
- ns6.kasserver.com
- MX
-
- 10 mx01.hornetsecurity.com
- 20 mx02.hornetsecurity.com
- 30 mx03.hornetsecurity.com
- 40 mx04.hornetsecurity.com
- TXT
-
default._bimi.auxiliumgruppe.de TXT v=BIMI1; l=https://intranet.auxiliumgruppe.de/AUX_BIMI.svg; a=;
- Verified for
-
- Apple
- Miro
- TeamViewer
Email authentication strong
- SPF
-
v=spf1 ip4:116.202.128.85 ip4:116.202.128.150 include:_spf.rexx-systems.com include:_spf.reteach.io include:spf.hornetsecurity.com include:spf-de.emailsignatures365.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; sp=reject; pct=100; adkim=s; aspf=s; ruf=mailto:it@auxiliumgruppe.de;policy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 34 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdn.tailwindcss.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://cdn.tailwindcss.com; img-src 'self' data: https:; font-src 'self' data: https://cdn.tailwindcss.com; connect-src 'self' https:; object-src 'none'; frame-ancestors 'self' https://up-monitoring-app-production.up.railway.app https://monitoring.updesignstudio.de http://localhost:* https://cms.auxiliumgruppe.online https://directus-directus-testing.up.railway.app; base-uri 'self';