kirchham.de

HTML metadata

Technology

jQuery

2.1.4 known XSS (<3.5)

Analytics

• Google Tag Manager

Third-party hosts loaded (1)

• www.googletagmanager.com×1

Social

• facebook
• instagram
• youtube

Registration

Updated

2024-10-16

Name servers

• ns01.dns-bb.de.
• ns02.dns-bb.de.
• ns03.dns-bb.de.
• ns04.dns-bb.de.

DNS records live

NS

• ns01.dns-bb.de
• ns02.dns-bb.de
• ns03.dns-bb.de
• ns04.dns-bb.de

MX

• 10 uceprotect.landkreis-passau.de

TXT

• v=DMARC1; p=reject; aspf=r; pct=100; fo=s; rua=mailto:rathaus@kirchham.de

Email authentication strong

SPF

v=spf1 mx a:mailout.landkreis-passau.de include:bayern.de include:agenturserver.de include:spf.crsend.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; aspf=r; adkim=r; pct=100; fo=s; rua=mailto:dmarc@landkreis-passau.de

policy: reject (enforced)

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.kirchham.de/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• cross-origin-opener-policy

findings

• CSP allows unsafe inline scripts/styles
• weak content type protection
• missing Permissions Policy

Links to (12)

• youtube.com×2
• wintop.de×2
• wetter.de×2
• therme-geinberg.at×2
• outdooractive.com×2
• osmfoundation.org×2
• onlim.com×2
• matomo.org×2
• land-in-sicht.de×2
• instagram.com×2
• google.com×2
• facebook.com×2

Linked from (1)

• wirtschaftsregion-passau.de×2