itx.de
HTML metadata
Technology
- Server
- nginx
Third-party hosts loaded (1)
- www.gstatic.com×1
Social
Contact
- Phone
Registration
- Updated
- 2025-02-05
- Name servers
-
- ns1.domaindiscount24.net.
- ns2.domaindiscount24.net.
- ns3.domaindiscount24.net.
DNS records live
- NS
-
- ns1.domaindiscount24.net
- ns2.domaindiscount24.net
- ns3.domaindiscount24.net
- MX
-
- 10 mx01.hornetsecurity.com
- 20 mx02.hornetsecurity.com
- 30 mx03.hornetsecurity.com
- 40 mx04.hornetsecurity.com
- Verified for
-
- Apple
- Microsoft 365
- Zoho
Email authentication partial
- SPF
-
v=spf1 a mx include:_spfip.itx.de include:spf.protection.outlook.com include:spf-de.emailsignatures365.com include:spf.hornetsecurity.com include:7524911.spf07.hubspotemail.net include:agenturserver.de ip4:185.175.196.147 include:eu.transmail.net ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=nonepolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 32 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
sameorigin- permissions-policy
accelerometer=(self), autoplay=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), xr-spatial-tracking=(self)- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hs-analytics.net js.hs-banner.com js.usemessages.com snap.licdn.com static.zohocdn.com *.cookiebot.com www.googletagmanager.com www.google-analytics.com www.google.com googleads.g.doubleclick.net *.hotjar.com *.googleapis.com *.facebook.net *.facebook.com https://js.hs-scripts.com/7524911.js https://js.hs-banner.com/integrations.js https://js.hs-analytics.net/analytics/1700467200000/7524911.js https://js.hubspot.com/web-interactives-embed.js https://js.hsadspixel.net/fb.js https://js-eu1.hsforms.net https://cdn.jsdelivr.net https://js-eu1.hs-scripts.com https://js-eu1.hubspot.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hsadspixel.net https://js-eu1.hs-banner.com; frame-src 'self' *.cookiebot.com www.youtube-nocookie.com player.vimeo.com *.facebook.net *.facebook.com https://global.frcapi.com https://forms-eu1.hsforms.com- strict-transport-security
max-age=31536000; includeSubDomains
Links to (5)
- facebook.com×1
- google.com×1
- itx.eu×1
- linkedin.com×1
- tko-online.de×1