indexo.dev

edustandards.org

.org crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 2366 ms crawled 2026-06-02

AT · 62.99.143.93 · AS8412 T-Mobile Austria GmbH

Reputation 100/100

Classifying

HTML metadata

Title
Komet Hub: Komet
Language
de_DE
Generator
TYPO3 CMS
Canonical
https://comet.edustandards.org/
Translations
  • de_de
  • en_us

Technology

Server
Apache
jQuery
2.2.4 known XSS (<3.5)

Third-party hosts loaded (1)

  • code.jquery.com×1

DNS records live

NS
  • ns1.x-net.at
  • ns3.x-net.at
  • ns4.x-net.at
TXT
  • offensity-domain-verification=e07cb8fd67bb300b149a6c821e5141b96e6f00caa4a3f37b3aa811667dbbe200

Email authentication no MX

SPF
v=spf1 include:spf.x-net.at -all
strict (-all)
DMARC
v=DMARC1; p=quarantine;
policy: quarantine
DKIM
no key found at common selectors

Certificate (current)

YE1
from 2026-05-29 to 2026-08-27
Expires in 86 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://comet.edustandards.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
permissions-policy
accelerometer=(), autoplay=(self), camera=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://cloud.ccm19.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com https://cdn.jsdelivr.net https://code.jquery.com https://video.ibm.com https://www.openstreetmap.org https://vimeo.com https://player.vimeo.com https://www.youtube.com https://www.youtube-nocookie.com https://www.ccm19.de https://cloud.ccm19.de https://comet.edustandards.org https://accounts.google.com; worker-src 'self' blob:; child-src 'self' blob:; connect-src 'self' https://api.friendlycaptcha.com https://assets.friendlycaptcha.com https://unpkg.com https://cdn.jsdelivr.net https://code.jquery.com https://video.ibm.com https://vimeo.com https://player.vimeo.com https://www.youtube.com https://www.youtube-nocookie.com https://cloud.ccm19.de https://comet.edustandards.org https://accounts.google.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' https://cloud.ccm19.de; img-src 'self' https://unpkg.com https://cloud.ccm19.de data: blob:; font-src 'self' data:; frame-sr
strict-transport-security
max-age=31536000; includeSubDomains

Links to (2)

Linked from (2)