surteco.com
HTML metadata
Technology
- Server
- Apache
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- cookie.newego.de×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- HTTP.NET INTERNET GMBH
- Created
- 2001-01-23
- Expires
- 2027-01-23 248 days left
- Updated
- 2026-01-24
- Name servers
-
- magrathea.px-pro-hosting.com
- petunia.px-pro-hosting.com
- vogon.px-pro-hosting.com
- whale.px-pro-hosting.com
DNS records live
- NS
-
- magrathea.px-pro-hosting.com
- petunia.px-pro-hosting.com
- vogon.px-pro-hosting.com
- whale.px-pro-hosting.com
- MX
-
- 0 surteco-com.mail.protection.outlook.com
- TXT
-
Show 6 TXT records
_globalsign-domain-verification=tAqZj-FwQJVKRzIUL6W_Jse8RyPMbujD7X4VUUOnTDapple-domain-verification=OWuySNR2nBZMBxUueavgDhn0tGwgYATZFLsluPref/MX9SQnCHdhMxoqagE=8NPQYFfMv8xKTLNGIfXJYpYcA1DAgPdVOtArNfE5JDxllJU3H0IWv6Pc9W8+gBPjcPXLpxLZ1ID2McVWdxKscg==MS=ms58525211sophos-domain-verification=a9d5462d80101a7306c5541b030f1d82abc7bf86f4a504751964bf57d8a3c629
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com include:spf.emailsignatures365.com include:spf.px-gateway.de include:_spf.senders.dc.aeb.com include:spf.crsend.com ip4:145.253.162.114 ip4:87.191.49.170 ip4:145.253.162.117 ip4:145.253.162.122 include:_spf-dc55.sapsf.eu ~allsoftfail (~all) - DMARC
-
v=DMARC1;p=quarantine;pct=100;rua=mailto:dmarc@surteco.com;ruf=mailto:dmarc@surteco.com;ri=86400;fo=1;policy: quarantine - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZIbNUkCMIC6nkDMn2qMkj4G5pALDMI5iuM9CYj+XvUak8cRcxuXwLeOz5lHLz/ELWMLMi7BZnIPPw… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KdVyXxot1CYGd5Q6b7f5quak8vUbrLcxvFE5rWDniHKv55qNPnxGqLQuI+Yt0YqH2btrc59GCA4Q0…
selectors probed - selector1:
Certificate (current)
GlobalSign GCC R6 AlphaSSL CA 2025
Expires in 176 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak content type protection
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.jsdelivr.net https://ajax.googleapis.com https://*.jquery.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.cookiefirst.com https://consent.cookiefirst.com https://cookie.newego.de https://*.newego.de https://dashboard.searchatlas.com https://*.searchatlas.com https://*.surteco.com https://snap.licdn.com https://*.licdn.com https://connect.facebook.net https://*.facebook.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://*.surteco.com https://- strict-transport-security
max-age=31536000; includeSubDomains- cross-origin-opener-policy
same-origin