ortheo.org
HTML metadata
Technology
- Server
- nginx
- jQuery
- 1.12.4 known XSS (<3.5)
- JS framework
- React
- Fonts
-
- Google Fonts
- Social widgets
-
- Vimeo Embed
Third-party hosts loaded (9)
- img-ie.nccdn.net×109
- 0501.nccdn.net×13
- unpkg.com×2
- ajax.googleapis.com×1
- code.jquery.com×1
- design.elixite.com×1
- fonts.googleapis.com×1
- player.vimeo.com×1
- www.google.com×1
DNS records live
- NS
-
- dns1.hosteur.com
- dns2.hosteur.com
- MX
-
- 10 mx1expert.hosteur.net
- 20 mx2expert.hosteur.net
- Verified for
-
Email authentication partial
- SPF
-
v=spf1 include:exchange-swiss.ch ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; rua=mailto:postmaster@exchange-swiss.chpolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 182 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';- strict-transport-security
max-age=31536000; includeSubDomains
Links to (2)
Linked from (1)
Use this data via API
Everything on this page for ortheo.org is available as JSON from the indexo.dev REST & MCP API.
curl "https://indexo.dev/api/v1/domains/ortheo.org" \ -H "X-API-Key: idx_..."
Add a badge to your site
Own ortheo.org? Show it's tracked on indexo.dev and link visitors straight to this page.
<a href="https://indexo.dev/ortheo.org" target="_blank" rel="noopener"> <img src="https://indexo.dev/ortheo.org/badge.svg" alt="indexo.dev — ortheo.org"> </a>