indexo.dev

kedo.com

.com crawl

First seen 2026-06-02 · Last seen 2026-06-02 · ok HTTP/1.1 200 2734 ms crawled 2026-06-02

DE · 109.71.73.199 · AS47447 23M GmbH

Reputation 69/100 wrong cert dmarc monitor-only

Classifying

HTML metadata

Title
KEDO - Parts and Service from Hamburg, Germany
Description
YAMAHA SR, TT, XT, TDM, TRX
Language
en

Technology

Server
nginx
CMS
Gatsby
Stack
PHP

Third-party hosts loaded (2)

  • matomo.kedo.shop×1
  • static.addtoany.com×1

Contact

Email
Phone
Address
© 2013-2023 KEDO. All rights reserved.

Registration

Registrar
InterNetX GmbH
Created
1997-01-20
Expires
2027-01-21 231 days left
Updated
2026-01-22
Name servers
  • nameserver-1-go.maxcluster.net
  • nameserver-2-go.maxcluster.net

DNS records live

NS
  • nameserver-1-go.maxcluster.net
  • nameserver-2-go.maxcluster.net
MX
  • 10 mail-go.maxcluster.net
TXT
  • _dd8juq2c854jcze2a4rpcqauwp8clwx
Verified for
  • Atlassian
  • Brevo
  • Google

Email authentication partial

SPF
v=spf1 ip4:109.71.73.199 ip4:78.46.164.74 ip6:2a05:cc00::73:199:10 +a +mx -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current) wrong cert

GeoTrust EV RSA CA G2
from 2026-05-26 to 2026-12-11
Expires in 190 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.kedo.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
font-src https://fonts.gstatic.com *.gstatic.com data: *.fontawesome.com *.fonts.googleapis.com *.cloudflare.com api.systempay.fr maxcdn.bootstrapcdn.com 'self' data: 'unsafe-inline' data: *.bootstrapcdn.com *.trustedshops.com assets.brevo.com kedo.de *.kedo.de kedo.com *.kedo.com kedo-france.com *.kedo-france.com xt500parts.com *.xt500parts.com kedo-jvb-moto.com *.kedo-jvb-moto.com *.brevo.com *.googleapis.com data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com paiement.systempay.fr api.systempay.fr 'self' *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.paypal.com maxcdn.bootstrapcdn.com ipayment.de kedo.de *.kedo.de kedo.com *.kedo.com kedo-france.com *.kedo-france.com xt500parts.com *.xt500
strict-transport-security
max-age=31536000

Links to (2)

Linked from (1)