ayvensbank.de
HTML metadata
Technology
- CDN
- Azure Front Door
- CMS
- Next.js
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
Third-party hosts loaded (2)
- cdn.cookielaw.org×2
- www.googletagmanager.com×1
Social
Registration
- Updated
- 2023-12-29
- Name servers
-
- tigdns01.socgen.com.
- tigdns02.socgen.com.
- tigdns05.socgen.com.
- tigdns06.socgen.com.
DNS records live
- NS
-
- tigdns01.socgen.com
- tigdns02.socgen.com
- tigdns05.socgen.com
- tigdns06.socgen.com
- MX
-
- 0 ayvensbank-de.mail.protection.outlook.com
- TXT
-
_ngr98gk8wv0l8mnwboubmvuwnceoo1z
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc-reports@ayvensbank.nl; fo=1policy: none (monitoring only) - DKIM
-
Show 4 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+C9uPn7H/oVZGSKZcACiIdk9YyEy5aUG1fqJ8RzwO7nyvp6LTZqL9xUN31HN04dHlUszNgFL06J+B… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5OzfUcu7a0mWA7jX+OxdzQrYLc1YJYKd1NxoQgH+zzy4wANehpECezrAbqSqprpGN3iFwYnquDohY… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu45QTdlt3xY8CHSukhPOmpdDmCKjVZfIo5xJdJVLdlHPQmINYX7KV+kg9WU7XkE0XdosMH0JIo5EKtsd9s… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGftDNfYcy4ztvkduRNCj2tNXzruWqQwbCh0woSkTLMRq3t6S53vfb7ncCQAWvh4EcxRGOZpBCaYrobJmc…
selectors probed - selector1:
Certificate (current)
GeoTrust TLS RSA CA G1
Expires in 104 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), display-capture=(self), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), layout-animations=(self), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), speaker-selection=(), sync-xhr=(), unoptimized-images=(), unsized-media=(), usb=(), screen-wake-lock=(self), web-share=(), xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' leaseplanbank.bbvms.com; script-src 'unsafe-inline' 'self' nonce-MjllNzY4NzYtY2E5ZS00NTY2LWIzMGYtZTg0ODUzYmI4ZDY4 pages.sitecorecloud.io cdn.cookielaw.org googletagmanager.com tagmanager.google.com *.googletagmanager.com www.googleadservices.com www.google.com www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net sst.ayvensbank.nl sst.ayvensbank.de bat.bing.com bat.bing.net snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com webchat.digitalcx.com cdn.jsdelivr.net cdnjs.cloudflare.com www.gstatic.com connect.facebook.net secure.quantserve.com collect-prd-m.leaseplan.com *.amplify.outbrain.com; style-src 'self' 'unsafe-inline' edge-platform.sitecorecloud.io pages.sitecorecloud.io localhost cdn.cookielaw.org googletagmanager.com tagmanager.google.com fonts.googleapis.com fonts.gstatic.com *.licdn.com cdn.jsdelivr.net; img-src 'self' data: blob: feaasstatic.blob.core.windows.net edge.sitecorecloud.io cdn.cookiela- strict-transport-security
max-age=31536000; includeSubDomains; preload- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
same-origin