eh-berlin.de

HTML metadata

Technology

Server

Apache

Social widgets

• Vimeo Embed

Third-party hosts loaded (1)

• player.vimeo.com×1

Social

• linkedin
• facebook
• instagram
• youtube

Registration

Updated

2010-04-15

Name servers

• ns1.aspdns.org.
• ns2.aspdns.org.

DNS records live

NS

• ns1.aspdns.org
• ns2.aspdns.org

MX

• 10 ehberlin-de0e.mail.protection.outlook.com

TXT

• google-site-verification=yIHbnhJCqFmEkikxP8uTKu6pWOeI1wLE2JaO0EudpiM

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:aspkunden.de -all

strict (-all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:dmarcreports@eh-berlin.de;

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDmCo+vD/fN3/Cwbl1IrQh8bbaLLJsUDEJXo8Yj81zUD7PMNiBii7hm/mgdjYe0fGkHmy2ywZQTlqEbgQ2umi…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypxVTZwVYWzdH5OLNNQ9tiu5szkezNxDN4dK7jTVlMh9gXyrFqv+pv/36AhV5Sph14B0vAHGqTSZND…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.eh-berlin.de/

present

• strict-transport-security
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• missing Content Security Policy
• weak frame protection
• weak content type protection
• missing Permissions Policy

Links to (9)

• facebook.com×2
• gbv.de×2
• hispro.de×2
• hochschulkompass.de×2
• hrk.de×2
• instagram.com×2
• linkedin.com×2
• stifterverband.org×2
• youtube.com×2

Linked from (3)

• rat-fuer-migration.de×2
• ebet-ev.de×1
• socialeurope.net×1