kronos-solar.com

HTML metadata

Title

homepage | kronos solar by edpr

Language

en

Canonical

https://kronos-solar.com/en

Translations

de
en
fr

Technology

Server: nginx
CMS: Drupal

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (2)

cdn.cookielaw.org×2
www.googletagmanager.com×2

Social

Registration

Registrar

IONOS SE

Created

2010-04-16

Expires

2027-04-16 331 days left

Updated

2026-04-17

Name servers

ns.ui-global-dns.biz
ns.ui-global-dns.com
ns.ui-global-dns.de
ns.ui-global-dns.org

DNS records live

NS

ns.ui-global-dns.biz
ns.ui-global-dns.com
ns.ui-global-dns.de
ns.ui-global-dns.org

MX

0 kronossolar-com01e.mail.protection.outlook.com

Email authentication strong

SPF: v=spf1 ip4:185.58.81.13 ip4:185.58.83.13 ip4:168.63.107.85 include:_spf-eu.ionos.com include:spf.protection.outlook.com ~all
softfail (~all)
DMARC: v=DMARC1;p=quarantine;
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-10-22 to 2026-10-22

Expires in 155 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://kronos-solar.com/en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection

Header values

referrer-policy: origin-when-cross-origin
x-frame-options: ALLOW-FROM *.edp.pt, *.edp.pt/*, *.edp.com, *.edp.com:*, *.edp.com/*, *.edpr.com, *.bol.pt, *.bol.pt/*, *.microsoft.com, *.microsoftonline.com, *.windows.net, *.office.com, *.gstatic.com, *.google.com, *.appspot.com, *.vimeo.com, *.cookielaw.org, *.recaptcha.net, *.bandcamp.com, *.soundcloud.com, opendata.online.e-redes.pt, *.sites.edp.com, *.siteimprove.com, *.siteimprove.net, *.workplace.com, *.intras.edp.com, *.microsoftstream.com, tv.edpon.livextend.cloud, *.youtube.com, *.youtube-nocookie.com, *.eurolandir.com, *.mailjet.com, *.media-server.com, *.wufoo.com, edp.teto.pt, *.spotify.com, ir2.flife.de, ir.tools.investis.com, sdk.companywebcast.com, ir.tools.investis.com, *.edpon.livextend.cloud, *.powerbi.com, *.suratica.es, teams.microsoft.com/_?tenantId=bf86fbdb-f8c2-440e-923c-05a60dc2bc9b, ssl.google-analytics.com
permissions-policy: fullscreen=(self)
x-content-type-options: nosniff
content-security-policy: frame-src 'self' 'unsafe-eval' 'unsafe-inline' dokumfe7mps0i.cloudfront.net *.dig.corp.edp.com *.microsoft.com *.microsoftonline.com *.windows.net *.office.com *.bol.pt *.bol.pt/* *.vimeo.com *.cookielaw.org *.recaptcha.net *.bandcamp.com *.soundcloud.com *.google.com *.sites.edp.com *.siteimprove.net *.siteimprove.com *.workplace.com *.intras.edp.com *.microsoftstream.com *.edp.pt *.edp.com *.edpr.com *.dig.corp.edp.com *.youtube.com *.youtube-nocookie.com *.eurolandir.com *.mailjet.com *.media-server.com *.wufoo.com edp.teto.pt *.spotify.com ir2.flife.de ir.tools.investis.com sdk.companywebcast.com ir.tools.investis.com *.edpon.livextend.cloud *.powerbi.com *.suratica.es; script-src 'self' 'unsafe-eval' 'unsafe-inline' polyfill.io snap.licdn.com *.googleadservices.com td.doubleclick.net dokumfe7mps0i.cloudfront.net *.dig.corp.edp.com *.bol.pt/* maat.pt/* *.gstatic.com *.google.com *.google.pt *.googletagmanager.com *.google-analytics.com *.googleusercontent.com *.googleapis.com *.new
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (2)

agrarheute.com×2
linkedin.com×2

Linked from (1)

circle-hub.de×2