indexo.dev

loanboox.com

.com crawl

First seen 2026-05-19 · Last seen 2026-05-31 · ok HTTP/1.1 200 714 ms crawled 2026-05-27

CH · 217.26.60.225 · AS29097 Hostpoint AG

Reputation 100/100

Classifying

HTML metadata

Title
Loanboox.com | Europe's leading debt capital market platform
Language
en-US
Generator
Divi v.4.27.6
Feeds

Technology

Server
Apache
CMS
WordPress
jQuery
3.7.1
Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts
  • Google Fonts
Third-party hosts loaded (7)
  • chat.aiaibot.com×1
  • efikisis.myhostpoint.ch×1
  • fonts.gstatic.com×1
  • salesviewer.org×1
  • use.typekit.net×1
  • www.facebook.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
Ascio Technologies, Inc. Danmark - Filial af Ascio technologies, Inc. USA
Created
2015-07-18
Expires
2026-07-18 47 days left
Updated
2025-07-30
Name servers
  • ns.hostpoint.ch
  • ns2.hostpoint.ch
  • ns3.hostpoint.ch

DNS records live

NS
  • ns.hostpoint.ch
  • ns2.hostpoint.ch
  • ns3.hostpoint.ch
MX
  • 10 loanboox-com.mail.protection.outlook.com
Verified for
  • Apple
  • Google

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:_spf.sui-inter.net include:sendgrid.net include:amazonses.com include:loanbooxmails.com -all
strict (-all)
DMARC
v=DMARC1;p=quarantine;sp=quarantine;adkim=s;aspf=s;rua=mailto:info@loanboox.ch;ruf=mailto:info@loanboox.ch;rf=afrf;pct=100;fo=1
policy: quarantine · sp=quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiq79BiIj+/uEe1hkq8IUnd2zfXqjWv/zDrQ9xOARzCUd0gpSKLZ0d127q9BhQ7A/WWogCQ2cdnchhTUewlv…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzK0Rp4Ahg0wRIk5gxrXUGy6GoyNDK7deRnXVHbxpGRPRZdsG52TiyG/ipY7XyM6nW+RF5AnxWyh1/SzRx…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydMTQn+c63SIEyMbyR4QRYZdyr448iGdyAZv7ea6vf5t4PT0hmwDeih+5osUi9GSAAs2oJ44BKw18E3egq…
selectors probed

Certificate (current)

RapidSSL TLS RSA CA G1
from 2025-12-16 to 2026-12-16
Expires in 198 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://loanboox.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' loanboox.com fincetra.com *.fincetra.com *.loanboox.com lbx-analytics.azurewebsites.net *.aiaibot.com *.google.com *.google-analytics.com *.salesviewer.org *.salesviewer.com salesviewer.org salesviewer.com; frame-src 'self' blob: *.google.com *.google.com *.aiaibot.com youtube.com youtube-nocookie.com www.youtube-nocookie.com www.youtube.com; img-src * data:; font-src 'self' data: fonts.gstatic.com *.typekit.net; style-src * 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' loanboox.com *.loanboox.com *.google-analytics.com *.googleapis.com *.gstatic.com *.google.com *.googletagmanager.com snap.licdn.com *.aiaibot.com cdnjs.cloudflare.com lbx-analytics.azurewebsites.net ; object-src 'self' loanboox.com fincetra.com *.fincetra.com *.loanboox.com;
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (3)

Linked from (3)