indexo.dev

oftec.org

.org crawl

First seen 2026-04-28 · Last seen 2026-05-18 · ok HTTP/1.1 200 2298 ms crawled 2026-05-05

GB · 194.164.94.46 · AS8560 IONOS SE

Reputation 100/100

Classifying

HTML metadata

Language
en-GB

Technology

Server
Microsoft-IIS
Social widgets
  • YouTube Embed

Third-party hosts loaded (4)

  • app-script.monsido.com×1
  • code.jquery.com×1
  • monsido-consent.com×1
  • www.youtube.com×1

Social

Registration

Registrar
IONOS SE
Created
2000-03-02
Expires
2027-03-02 287 days left
Updated
2026-02-05
Name servers
  • ns-1271.awsdns-30.org
  • ns-1907.awsdns-46.co.uk
  • ns-294.awsdns-36.com
  • ns-895.awsdns-47.net

DNS records live

NS
  • ns-1271.awsdns-30.org
  • ns-1907.awsdns-46.co.uk
  • ns-294.awsdns-36.com
  • ns-895.awsdns-47.net
MX
  • 10 oftec-org.mail.protection.outlook.com
TXT
  • v=spf1 include:spf.protection.outlook.com -all

Certificate (current)

R13
from 2026-03-12 to 2026-06-10
Expires in 22 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://oftec.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • permissions-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
Header values
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),display-capture=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' wss://*.tawk.to va.tawk.to embed.tawk.to api.addressy.com/GovernmentData/Postzon/RetrieveByPostcode/v1.50/json3.ws connect.facebook.net *.facebook.com *.google-analytics.com www.googletagmanager.com www.clicksafe.lloydstsb.com *.rsa3dsauth.co.uk verify.monzo.com *.arcot.com 3ds-secure.cardcomplete.com ecclients.btrl.ro bofp.erstebank.hu pay.activa-card.com *.wirecard.com acssv.otpbank.hu acs.sia.eu idcheck.acs.touchtechpayments.com sicher-bezahlen.sparkasse.at www.securesuite.co.uk bred.wlp-acs.com bnpp-3ds.wlp-acs.com live.opayo.eu.elavon.com marketplace.umbraco.com test.sagepay.com sandbox.opayo.eu.elavon.com maps.googleapis.com services.postcodeanywhere.co.uk packages.umbraco.org our.umbraco.org www.youtube.com pagecorrect.monsido.com heatmaps.monsido.com syndication.twitter.com monsido-consent.com api.monsido-consent.com platform.twitter.com www.google.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tawk.to fonts.googleapis.com www.google.com www.gstatic.
strict-transport-security
max-age=0; includeSubDomains

Links to (4)

Linked from (2)