tcon.com
tcon.com
HTML metadata
Technology
- Server
- nginx
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- js-eu1.hsforms.net×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- Amazon Registrar, Inc.
- Created
- 1996-03-15
- Expires
- 2027-03-16 284 days left
- Updated
- 2026-05-15
- Name servers
-
- ns-1283.awsdns-32.org
- ns-1997.awsdns-57.co.uk
- ns-464.awsdns-58.com
- ns-803.awsdns-36.net
DNS records live
- NS
-
- ns-1283.awsdns-32.org
- ns-1997.awsdns-57.co.uk
- ns-464.awsdns-58.com
- ns-803.awsdns-36.net
- MX
-
- 0 tcon-com.mail.protection.outlook.com
- TXT
-
Show 4 TXT records
have-i-been-pwned-verification=dweb_iqcjy6gpkblh3ga3n8phvfnjlucid-verification=-9VDb@@CEsLRmXUJhgPV88ogpardot700493=456ab2c6ded3225a453e77447235f88c381dc0487a06b243fd461f59fc70db38pardot700493=b85ce0fe1a05d608f3d70bbe8d7495f68270c137e0687ff32a3d0282e8293fd2
- Verified for
-
- Apple
- Atlassian
- DocuSign
- Microsoft 365
- Miro
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9a7+luv+Wm9rrgL7ab/TSP4O1OfwnWY4s2Odu0SAsC0ZantANonvPI1fMhU+COC/y3YCWWyfeYDvw…
selectors probed - selector1:
Certificate (current)
E8
Expires in 82 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=*, autoplay=(self), camera=(), display-capture=(self), encrypted-media=(self), fullscreen=*, gamepad=(), geolocation=(), gyroscope=*, hid=(), identity-credentials-get=(self), idle-detection=(self), local-fonts=*, magnetometer=*, microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=*, screen-wake-lock=(), serial=(), storage-access=*, usb=(), web-share=*, window-management=(self), xr-spatial-tracking=(self)- x-content-type-options
nosniff- content-security-policy
base-uri 'self'; default-src 'self' *.mosaiq.com *.youtube-nocookie.com *.youtube.com *.analytics.google.com *.google-analytics.com google-analytics.com stats.g.doubleclick.net; font-src 'self' data: fonts.gstatic.com; img-src 'self' *.ads.linkedin.com *.facebook.com *.mosaiq.com *.cookielaw.org *.hsforms.com *.hubspot.com *.bing.com i.ytimg.com yt3.ggpht.com data: *.youtube-nocookie.com *.googleapis.com *.google.com *.google.de *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.googleadservices.com googleadservices.com fonts.gstatic.com; script-src 'self' *.mosaiq.com *.youtube-nocookie.com *.googleapis.com *.google.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.googleadservices.com googleadservices.com 'unsafe-inline' 'unsafe-eval'; worker-src *; script-src-elem * 'unsafe-inline' blob:; object-src 'none'; connect-src 'self' *.google.com *.ads.linkedin.com *.facebook.com *.google-analytics.com *.goog- strict-transport-security
max-age=31536000; includeSubdomains; always
Links to (6)
- youtube.com×1
- xing.com×1
- tiktok.com×1
- linkedin.com×1
- instagram.com×1
- facebook.com×1