avea.de

HTML metadata

Technology

Server

Apache

Third-party hosts loaded (2)

• api.abfall.io×1
• cdn.eye-able.com×1

Social

• facebook

Registration

Updated

2014-06-19

Name servers

• dns11.netcologne.de.
• dns12.netcologne.de.
• dns13.netcologne.de.
• dns14.netcologne.de.

DNS records live

NS

• dns11.netcologne.de
• dns12.netcologne.de
• dns13.netcologne.de
• dns14.netcologne.de

MX

• 10 mail-1.ivl.de
• 10 mail-2.ivl.de

TXT

Show 4 TXT records

• globalsign-domain-verification=K182NtyXb0NbHe-b4RO4TBP1iGK3xV2lUkaIJalD32
• EefnZsCraCkGN3+ddpphFkhVVNUs1rsXaC2Y6otPMlE=
• _telesec-dom0ain-validation=351617_2025-07-28_HZCJDWjvvcAhcvjwIpzolqYhabYsZ8YkL19OZpVGigA0r99ZYj
• ZOOM_verify_PKzSOeRPo1ywwp398wYDFO

Email authentication strong

SPF

v=spf1 mx a:mx80.profilschmiede.de ip4:192.168.131.226 ip4:192.168.131.236 include:spf.de.umantis.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; sp=none; rua=mailto:dmarc@ivl.de; rf=afrf; pct=100

policy: reject (enforced) · sp=none

DKIM

• mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwJB2NtBZki9+6RgxPhcUz1Jn+N8V36H330Axl8Q2RGyTdCIEdB1SEvMw9qEPHK0ZE1VpO6/d8ZsAdCsWE1k…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.avea.de/

present

• strict-transport-security
• content-security-policy
• x-content-type-options

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (1)

• facebook.com×2

Linked from (1)

• avea.info×1