raiffeisen-kosovo.com
HTML metadata
Technology
- Cookie consent
-
- OneTrust
Third-party hosts loaded (1)
- cdn.cookielaw.org×1
Social
Registration
- Registrar
- Amazon Registrar, Inc.
- Created
- 2003-02-13
- Expires
- 2028-02-13 632 days left
- Updated
- 2025-12-01
- Name servers
-
- chelsea.ns.cloudflare.com
- craig.ns.cloudflare.com
DNS records live
- NS
-
- chelsea.ns.cloudflare.com
- craig.ns.cloudflare.com
- MX
-
- 10 raiffeisenkosovo-com02e.mail.protection.outlook.com
- Verified for
-
- Adobe
- Cisco
- Meta
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com include:spf.mdcs.at include:amazonses.com include:_spf.psm.knowbe4.com ip4:3.123.206.219 ip4:3.68.129.51 ip4:185.205.168.66 -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; sp=reject; rua=mailto:lok2jnsf@ag.eu.dmarcadvisor.com,mailto:isirt@raiffeisen-kosovo.com; ruf=mailto:lok2jnsf@fr.eu.dmarcadvisor.com; pct=100; aspf=r; adkim=r; fo=1; rf=afrf; ri=86400;policy: reject (enforced) · sp=reject - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NsV3fNX7AEwhRmYWISwHEDN2FmuziBuXHOUVhaSvI4ox0WZoZMn2k78g4Sx0zu5gNC8VNXAFfIAyg… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWWa5QQjcAhPpuw9wb0bwOi/5englYN88aX+6NjjXQbNypL1piAI3XJw62M7p28bMqKzVIRpZ7Nj0A…
selectors probed - selector1:
Certificate (current)
DigiCert EV RSA CA G2
Expires in 68 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
ALLOW-FROM https://plus.raiffeisen-kosovo.com/- permissions-policy
accelerometer=(), autoplay=(self), camera=(), clipboard-read=(self), clipboard-write=(self), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(self), serial=(), storage-access=(), sync-xhr=(), unload=(), usb=(), window-management=(), window-placement=(self), xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' https://static.experimentation.dev https://www.youtube.com https://o09qb4ylcr.kameleoon.eu https://o09qb4ylcr.kameleoon.io https://static.kameleoon.com https://graphical-editor.kameleoon.com https://simulation.kameleoon.com https://client-config.kameleoon.com https://sdk-config.kameleoon.eu https://electra.kameleoon.com https://aibuilder.kameleoon.com https://cdn.mouseflow.com https://whhd6a.raiffeisen-kosovo.com https://livechat.infobip.com https://www.googleadservices.com https://www.google.com https://d1mxyhmor38cww.cloudfront.net/latest/groupcms.js https://d1mxyhmor38cww.cloudfront.net/dev/groupcms.js https://cdn.adjust.com https://cdn.cookielaw.org https://connect.facebook.net https://googleads.g.doubleclick.net https://snap.licdn.com 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://*.gstatic.com https://*.google.com https://*.ggpht.com https://*.google- strict-transport-security
max-age=63072000; includeSubDomains;- cross-origin-opener-policy
same-origin