indexo.dev

quixplain.app

.app crawl

First seen 2026-04-12 · Last seen 2026-05-19 · ok HTTP/1.1 200 4174 ms crawled 2026-05-04

DE · 128.140.28.196 · AS24940 Hetzner Online GmbH

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Quixplain Editor
Language
de

Technology

Server
Apache

DNS records live

NS
  • ns1021.ui-dns.de
  • ns1077.ui-dns.com
  • ns1104.ui-dns.biz
  • ns1108.ui-dns.org
MX
  • 10 mx00.ionos.de
  • 10 mx01.ionos.de
TXT
  • v=spf1 include:_spf-eu.ionos.com ~all

Certificate (current)

E7
from 2026-04-22 to 2026-07-21
Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.quixplain.app/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' data: blob: https://*.quixplain.app ; script-src 'self' 'wasm-unsafe-eval' blob: https://*.quixplain.app ; script-src-elem 'self' 'unsafe-inline' data: blob: https://*.quixplain.app https://cdn.matomo.cloud ; style-src 'self' 'unsafe-inline' ; font-src 'self' data: https://*.quixplain.app ; img-src 'self' data: blob: https://*.quixplain.app ; connect-src 'self' https://*.quixplain.app https://quixplain.matomo.cloud data: ; base-uri 'self' https://*.quixplain.app

Linked from (2)