indexo.dev

kit.bg

.bg user

First seen 2026-06-04 · Last seen 2026-06-04 · ok HTTP/1.1 200 946 ms crawled 2026-06-04

BG · 185.20.91.82 · AS13306 Unics EOOD

Reputation 64/100 wrong cert weak security headers dmarc monitor-only

sector tech type homepage

HTML metadata

Title
[Login]
Description
EGroupware

Technology

Server
Apache
CMS
Joomla

Third-party hosts loaded (1)

  • leo.kit.bg×12

DNS records live

NS
  • ns.kit.bg
  • ns.sibi-bg.com
MX
  • 10 leo.kit.bg
  • 15 leo.kitbg.com
  • 16 leo.kit-bg.com
  • 20 krios.sibi-bg.com

Email authentication partial

SPF
v=spf1 mx -all
strict (-all)
DMARC
v=DMARC1;p=none;sp=none;rua=mailto:ivo@kit.bg;ruf=mailto:ivo@kit.bg
policy: none (monitoring only) · sp=none
DKIM
no key found at common selectors

Certificate (current) wrong cert

R12
from 2026-04-22 to 2026-07-21
Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://leo.kit.bg/egroupware/login.php?phpgw_forward=%252Findex.php

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' data:; manifest-src 'self'; frame-ancestors 'self'; img-src 'self' data: https: blob:; font-src 'self'; default-src 'none'

Links to (1)

Use this data via API

Everything on this page for kit.bg is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/kit.bg" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →