indexo.dev

hsbc-zertifikate.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 961 ms crawled 2026-05-18

DE · 193.19.114.77 · AS31285 HSBC Trinkaus & Burkhardt GmbH

Reputation 100/100

Classifying

HTML metadata

Title
HSBC Zertifikate – Optionsscheine und Hebelprodukte
Description
30 Jahre Erfahrung✓ Nr.1 in Service- und Handelsqualität✓ Zertifikate, Optionsscheine, Hebelprodukte, Open-End- Turbos, Bonus- Zertifikate, Discount-Zertifikate,Aktien&Indexanleihen✓ internationale Basiswerte✓
Language
de
Canonical
https://www.hsbc-zertifikate.de/home.html
Translations
  • de ×2

Technology

Third-party hosts loaded (1)

  • code.etracker.com×1

Social

Registration

Updated
2020-11-21
Name servers
  • ns20.hsbc.net.
  • ns20.hsbc.uk.
  • ns21.hsbc.net.
  • ns21.hsbc.uk.
  • ns3.hsbc.com.
  • ns6.hsbc.com.

DNS records live

NS
  • ns20.hsbc.net
  • ns20.hsbc.uk
  • ns21.hsbc.net
  • ns21.hsbc.uk
  • ns3.hsbc.com
  • ns6.hsbc.com
MX
  • 5 mailgw01.hsbc.de
  • 5 mailgw02.hsbc.de
  • 5 mailgw03.hsbc.de
  • 5 mailgw04.hsbc.de
TXT
  • s88nqlzhgnwdc1rlbt4x093q8wqw871n
Verified for
  • Google

Email authentication strong

SPF
v=spf1 a -all
strict (-all)
DMARC
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

DigiCert EV RSA CA G2
from 2025-07-15 to 2026-08-16
Expires in 87 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://hsbc-zertifikate.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, deny
x-content-type-options
nosniff
content-security-policy
default-src 'self' hsbc.de hsbctrinkaus.de; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.youtube.com *.ytimg.com *.etracker.com *.etracker.de; style-src 'self' 'unsafe-inline'; child-src 'self' *.youtube.com *.youtube-nocookie.com *.hsbc.de *.hsbctrinkaus.de ats.ccmp.eu *.fagms.de; connect-src 'self' *.etracker.com *.etracker.de *.hsbc.de *.hsbctrinkaus.de; frame-ancestors 'self' www.teleboerse.de https://*.etracker.com
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (7)

Linked from (1)