drk-wohlfahrt.de

HTML metadata

Technology

Server

nginx

Analytics

• Google Tag Manager

Cookie consent

• Usercentrics

Third-party hosts loaded (3)

• app.usercentrics.eu×2
• privacy-proxy.usercentrics.eu×2
• www.googletagmanager.com×1

Social

• facebook
• youtube
• instagram
• linkedin

Registration

Updated

2022-05-02

Name servers

• ns-cloud-d1.googledomains.com.
• ns-cloud-d2.googledomains.com.
• ns-cloud-d3.googledomains.com.
• ns-cloud-d4.googledomains.com.

DNS records live

NS

• ns-cloud-d1.googledomains.com
• ns-cloud-d2.googledomains.com
• ns-cloud-d3.googledomains.com
• ns-cloud-d4.googledomains.com

MX

• 10 mail.e-pixler.network

Email authentication weak

SPF

v=spf1 include:_spf.e-pixler.network include:spf.crsend.com ~all

softfail (~all)

DMARC

not published

DKIM

• dkim: v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+kXAK3y9DQBA19vcKjpTh6RhaGy4O+x3OeDhmztP/ZWH+CFNPHg6Mk+Y1Hk6OSyuoWO…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://drk-wohlfahrt.de/start.html

present

• strict-transport-security
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• missing Content Security Policy
• weak content type protection
• missing Permissions Policy

Links to (6)

• drk.de×5
• facebook.com×3
• instagram.com×3
• jugendrotkreuz.de×3
• linkedin.com×3
• youtube.com×3

Linked from (2)

• drk.de×3
• migrationsberatung.org×2