firestart.com — domain check, WHOIS, DNS & reputation

HTML metadata

Title: FireStart - BPMN 2.0 & Workflow Automation
Description: FireStart verbindet Menschen, Systeme und KI – zu klaren, messbaren Prozessen. Start small. Automate fast. Grow smart. Made in Austria • Hosted in Germany
Language: de

Open Graph

url: https://www.firestart.com/
title: FireStart - BPMN 2.0 & Workflow Automation
locale: de_DE
site name: FireStart
description: FireStart verbindet Menschen, Systeme und KI – zu klaren, messbaren Prozessen. Start small. Automate fast. Grow smart. Made in Austria • Hosted in Germany
locale:alternate: en_US

Technology

Server: Google

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (3)

fonts.gstatic.com×2
fonts.googleapis.com×1
www.googletagmanager.com×1

Contact

Address: Am Winterhafen 1, 4020, Linz, AT

Registration

Registrar

OVH sas

Created

1999-03-22

Expires

2027-03-22 290 days left

Updated

2026-03-23

Name servers

fred.ns.cloudflare.com
lila.ns.cloudflare.com

DNS records live

NS

fred.ns.cloudflare.com
lila.ns.cloudflare.com

MX

0 firestart-com.mail.protection.outlook.com

TXT

Show 5 TXT records

9CCQJF99QPT5AO9IEUHDB7EJLQ
Wm8puNJXXqew0Ych9Vut3HzRHlq9oEbY6CDLb8Di4V0
hubspot-developer-verification=ZDMyZDZjMGYtZWFhNi00N2QyLThkMTktZWFhYjEyNzdjNDhm
logmein-verification-code=afd82a1f-28c6-4232-8bf2-89c88fc9f56b
replit-verify=e8556df4-0f80-4660-9de1-733163356b35

Verified for

Apple
Atlassian
Google
Mailgun
Meta

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.emailsignatures365.com include:mail.zendesk.com include:servers.mcsv.net include:spf.protection.outlook.com include:spf.w4ymail.at include:aspmx.pardot.com include:26010360.spf10.hubspotemail.net -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; ruf=mailto:postmaster@firestart.com; fo=1;

policy: quarantine

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBamN+ygoaqSIiQsSZwtTNZdj73DtfZ8GmIs3Ij/N9X5zkLMBQkSGcK6zO+gVF3nZnk4BZqT+fmemAtNTTJ5…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…

selectors probed

Certificate (current)

E8

from 2026-05-07 to 2026-08-05

Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.firestart.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self';script-src 'self' https://www.googletagmanager.com https://snap.licdn.com https://js-eu1.hs-scripts.com https://www.hubspot.com https://hubspotusercontent.com https://slsnlytcs.com https://*.hs-analytics.net https://*.hsforms.net https://js-eu1.hscollectedforms.net https://js-eu1.hs-banner.com https://js-eu1.hsadspixel.net;img-src 'self' data: blob: https: https://px.ads.linkedin.com https://snap.licdn.com https://slsnlytcs.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.hubspot.com https://hubspotusercontent.com;font-src 'self' https: data: https://fonts.gstatic.com;connect-src 'self' https://www.google-analytics.com https://www.google.com https://region1.analytics.google.com https://region1.google-analytics.com https://px.ads.linkedin.com https://api.linkedin.com https://*.hubapi.com https://hubspotusercontent.com https://track.hubspot.com https://forms.hubspot.com https://*.hs-analytics.net https://*.hs-scripts.com https://slsnlytcs.c
strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin

Linked from (1)

sales-suckers.com×1