indexo.dev

kandidatomat.de

.de crawl

First seen 2026-04-19 · Last seen 2026-05-19 · ok HTTP/1.1 200 1393 ms crawled 2026-05-19

DE · 37.228.157.11 · AS34432 dogado GmbH

Reputation 87/100 weak security headers no dmarc policy

Classifying

HTML metadata

Title
kandidatomat.de
Language
de-de
Generator
TYPO3 CMS
Canonical
https://www.kandidatomat.de/

Technology

Server
nginx

Registration

Updated
2022-03-11
Name servers
  • ns1.de-nserver.de.
  • ns2.de-nserver.de.

DNS records live

NS
  • ns1.de-nserver.de
  • ns2.de-nserver.de
MX
  • 10 mail.kandidatomat.de

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-01-06 to 2027-01-28
Expires in 253 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.kandidatomat.de/

present
  • content-security-policy
  • x-frame-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
sameorigin, allow-from https://www.kandidatomat.de
content-security-policy
frame-ancestors *;style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src *; default-src *; child-src * https://www.kandidatomat.de; frame-src * https://www.kandidatomat.de;

Links to (2)

Linked from (1)