gps-login.de

HTML metadata

Technology

Server

nginx

Third-party hosts loaded (2)

• maps.googleapis.com×1
• www.paypalobjects.com×1

Registration

Updated

2012-01-17

Name servers

• ns1.smart-nic.de.
• ns2.smart-nic.de.
• ns3.smart-nic.de.
• ns4.smart-nic.de.

DNS records live

NS

• ns1.smart-nic.de
• ns2.smart-nic.de
• ns3.smart-nic.de
• ns4.smart-nic.de

MX

• 10 mail.blpkt.de

Email authentication partial

SPF

v=spf1 ip4:217.64.169.120 ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:sth.admin.dmarc-gpslogin@tejp.de; pct=100; sp=none; adkim=r; aspf=r

policy: none (monitoring only) · sp=none

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.gps-login.de/customer/

present

• content-security-policy

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (1)

• telematikwerk.de×1

Linked from (2)

• telematikwerk.de×1
• blaupunkt-telematics.com×1