osg.de

HTML metadata

Technology

Server

nginx

Analytics

• Google Tag Manager

Cookie consent

• Cookiebot

Third-party hosts loaded (5)

• cdn.eu3.talention.com×4
• consent.cookiebot.com×1
• maps.googleapis.com×1
• www.google.com×1
• www.googletagmanager.com×1

Social

• linkedin
• instagram
• facebook

Registration

Updated

2018-10-02

Name servers

• ns1083.ui-dns.biz.
• ns1083.ui-dns.com.
• ns1083.ui-dns.de.
• ns1083.ui-dns.org.

DNS records live

NS

• ns1083.ui-dns.biz
• ns1083.ui-dns.com
• ns1083.ui-dns.de
• ns1083.ui-dns.org

MX

• 10 mx01.hornetsecurity.com
• 20 mx02.hornetsecurity.com
• 30 mx03.hornetsecurity.com
• 40 mx04.hornetsecurity.com

TXT

• box-domain-verification=3200c294f7f88ccfd6425f579dfdab8bff5559b5c7853e8c5ca61ce15566e39f
• MS=ms65133587

Email authentication strong

SPF

v=spf1 ip4:88.198.85.238/32 ip4:212.18.0.154/32 include:antispameurope.com include:spf.protection.outlook.com include:spf.talention.com include:spfa.myconvento.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc-noreply@osg.de; ruf=mailto:dmarc-noreply@osg.de

policy: quarantine

DKIM

• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.osg.de/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources

Links to (5)

• facebook.com×2
• instagram.com×2
• linkedin.com×2
• veonet-group.com×2
• xing.com×2

Linked from (2)

• geomed-klinik.de×2
• veonet.com×2