consorsfinanz.de
consorsfinanz.de
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- AmazonS3
- Cookie consent
-
- OneTrust
Third-party hosts loaded (4)
- cdn0.scrvt.com×22
- api.scrivito.com×2
- assets.adobedtm.com×1
- cdn.cookielaw.org×1
Social
Registration
- Updated
- 2023-07-27
- Name servers
-
- ns1.bnpparibas.com.
- ns2.bnpparibas.com.
- ns3.domivesta.net.
- ns4.domivesta.com.
DNS records live
- NS
-
- ns1.bnpparibas.com
- ns2.bnpparibas.com
- ns3.domivesta.net
- ns4.domivesta.com
- ns5.bnpparibas.com
- MX
-
- 5 smtp-in-internet-usr-m.gslb.srv.bnpparibas
- TXT
-
Show 13 TXT records
_z19yxk7b5k85tjuy7u17nq66e6r6umz_3j01g1uov3k4igxdbvit8k8hmmdiga7_cwvbg1cr4zpdg2wed8z7l86recgr7l1BNP Paribas Personal Finance Germany_2pusxg8f5hbxq9awe038baiudvgwyg3zscaler-verification-242570-28082025-rpIs9t_telesec-domain-validation=280875_2022-05-09_54c2eETKRNte94887m19L7kH3lOdOSfu4YwpaF0LQEdV9pAlk6MS=D63D3D31513B6796C7D4F6BD95E6B63A3AE87074v=DKIM1;t=s;h=sha256;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC92nINSbmAb4BvDHHRG42BVvVqnXVKEu/8USrprezKxZxk0gmaE5Osa5VW8I7zUdPu5LYjuhr03Q9poHMdYxJnOX0aOeiyKoW8GJf9/W18/xVhOh6UNx1U5Bj9ssmmyuVzLEOR1wUlTjBI3vYhAn6H+fS7e0kqtXwJ781kIaYdYwIDAQABibmid=96af1ec4-9f03-48ed-ade3-d0314ba0a373_3qzmjom9w2cxy7ydpfmgnnyyc53lupl_smttmu8c6xh8oywm5xnd6adoojihabe_geifflm1fjnyqhwqrpwxqxe5m6483zx
- Verified for
-
- Adobe
- Apple
- Cisco
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 ip4:155.140.86.11 ip4:155.140.86.13 a include:pns._spf.bnpparibas.com include:spf.quicksign.fr include:_spf.salesforce.com include:cemsc.net ip4:217.160.144.98 include:spf.vier.ai -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:security@consorsfinanz.de,mailto:f1rg2pej@ag.eu.dmarcian.com; ruf=mailto:security@consorsfinanz.de,mailto:f1rg2pej@fr.eu.dmarcian.com; fo=1;policy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M01
Expires in 250 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
base-uri 'none'; default-src 'self' data: https: wss:; style-src 'self' data: https: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.scrivito.com https://app.intercom.io https://assets.scrivito.com https://js.intercomcdn.com https://widget.intercom.io https://cdn.cookielaw.org https://widget.trustpilot.com https://assets.adobedtm.com https://activitymap.adobe.com https://consorsfinanzgermany.d3.sc.omtrdc.net https://consorsfinanzgermany.tt.omtrdc.net https://consorsfinanzgermany.demdex.net/ https://connect.facebook.net https://www.google.com/pagead/conversion_async.js https://www.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://googleadservices.com https://googleads.g.doubleclick.net https://doubleclick.net https://*.outbrain.com https://outbrain.com https://*.youtube.com https://*.youtube-nocookie.com https://*.vimeo.com https://*.synthesia.io https://fat.financeads.net/fpc.js https://*.adnxs.com http://cdn.tt.omt.rdc.net- strict-transport-security
max-age=63072000; includeSubDomains; preload
Links to (7)
- youtube.com×1
- xing.com×1
- rata-net.de×1
- medallia.eu×1
- linkedin.com×1
- instagram.com×1
- facebook.com×1