indexo.dev

nlc.info

.info crawl

First seen 2026-04-15 · Last seen 2026-05-11 · ok HTTP/1.1 200 805 ms crawled 2026-05-11

US · 188.114.97.3 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Niedersächsisches LernCenter - NLC
Language
de

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights

Third-party hosts loaded (2)

  • challenges.cloudflare.com×1
  • static.cloudflareinsights.com×1

Registration

Registrar
Vautron Rechenzentrum AG
Created
2020-12-10
Expires
2026-12-10 205 days left
Updated
2026-01-24
Name servers
  • heather.ns.cloudflare.com
  • brian.ns.cloudflare.com

DNS records live

NS
  • brian.ns.cloudflare.com
  • heather.ns.cloudflare.com
MX
  • 10 mail1.nibis.de

Email authentication partial

SPF
v=spf1 mx a -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:0287c10a78fd48ec9d670365fa24158e@dmarc-reports.cloudflare.net
policy: none (monitoring only)
DKIM
  • dkim: v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdCd7PLTmm4WkbHzZzsJdCcGHKcpUO/RJq5TQYRS3vnv77Oe2gF+i0XBFB5yeSkSxEil…
selectors probed

Certificate (current)

WE1
from 2026-04-05 to 2026-07-04
Expires in 46 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://nlc.info/app

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
permissions-policy
autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=(), fullscreen=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' chat.nlc.info plausible.io utteranc.es *.cloudflare.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval' plausible.io/js/plausible.js utteranc.es/client.js; style-src 'self' *.cloudflare.com 'unsafe-inline'; img-src 'self' * data:; font-src 'self' data: ; connect-src 'self' chat.nlc.info ws: chat.nlc.info; media-src 'self'; frame-src 'self' *.cloudflare.com plausible.io utteranc.es github.com *.youtube.com *.vimeo.com; object-src 'none'; base-uri 'self';
strict-transport-security
max-age=31536000; includeSubDomains

Linked from (4)