budget.de

HTML metadata

Technology

CDN

Amazon CloudFront

Server

Apache

Third-party hosts loaded (1)

• budgetassets.abgemea.com×15

Social

• facebook
• instagram
• twitter
• youtube

Contact

Phone

• 165038067

Address

ST Ident: DE16503

Registration

Updated

2020-02-19

Name servers

• ns1.netnames.net.
• ns2.netnames.net.
• ns5.netnames.net.
• ns6.netnames.net.

DNS records live

NS

• ns1.netnames.net
• ns2.netnames.net
• ns5.netnames.net
• ns6.netnames.net

MX

• 15 smtp.avis.de
• 5 budget-de.mail.protection.outlook.com

TXT

Show 6 TXT records

• _fomock7r0b7ytjrj1u9gdt7vlasc56m
• jmf96z0b082dg3w9y5xvm6hjskz7pj70
• scczp8yjjl4rn9641c3m7tlk573nwjfq
• 1E80-2E1A-BC85-340C-11D8-F4A1-D53D-5F59
• 6mq8t3hnzlcwgphqwgtg2fpknb0ngcgs
• _adpunq9vtz4epz4qjme3t5ttm9iapyv

Verified for

• Google
• Microsoft 365

Email authentication strong

SPF

v=spf1 exists:%{i}._i.%{d}._d.espf.agari-dns.net include:%{d}.5c.spf-protect.agari-dns.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:avis@rua.agari.com; ruf=mailto:avis@ruf.agari.com

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuANyLhRus05gfcTtqEmpW+ZTdWvs2bUmBDhCMrXAfKoEY3eWlaas7WAzyBdyEoeQCHRtVtj8wiUqK+…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.budget.de/

present

• strict-transport-security
• content-security-policy
• x-frame-options

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (10)

• apple.com×2
• budget.co.uk×2
• budget.es×2
• budget.fr×2
• budgetleasing.com×2
• facebook.com×2
• instagram.com×2
• x.com×2
• youtube.com×2
• budgetautonoleggio.it×1

Linked from (4)

• budget.fr×2
• budget.co.uk×2
• budget.es×2
• budgetautonoleggio.it×1