thermokon.de

HTML metadata

Technology

Server

nginx

PHP

8.2.31 security-only

Analytics

• Google Tag Manager

Cookie consent

• Cookiebot

Third-party hosts loaded (2)

• consent.cookiebot.com×1
• www.googletagmanager.com×1

Social

• facebook
• instagram
• youtube
• linkedin
• twitter

Contact

Email

• email@thermokon.de

Phone

• +49 2778 6960-0

Registration

Updated

2021-04-15

Name servers

• ns01.riconnect.de.
• ns02.riconnect.de.
• ns03.riconnect.de.

DNS records live

NS

• ns01.riconnect.de
• ns02.riconnect.de
• ns03.riconnect.de

MX

• 10 thermokon-de.mail.protection.outlook.com

TXT

• sophos-domain-verification=b1f163fe8c1cf8a9984189547e9e5f0a71a8ea7264deb91ef2cf3eae8335f573
• sophos-domain-verification=78272f8e1a7ab01b9616d046ad9bbd95b0267a80

Verified for

• Google

Email authentication weak

SPF

v=spf1 ip4:195.145.89.128/29 include:spf.protection.outlook.com include:_spf_eucentral1.prod.hydra.sophos.com include:_spf.cmail.ondemand.com include:amazonses.com include:spf.eu.exclaimer.net include:spf.riconnect.de -all

strict (-all)

DMARC

not published

DKIM

• selector1: v=DKIM1; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxwGQUuTOFfyd8L9uZBVfmsCpoHxQ9ieNWrzyQI+oOQ/BUAOjEXbuLE+SSGdGcB1YJs7JN1CuQDp0+fy…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.thermokon.de/

present

• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (12)

• youtube.com×1
• xing.com×1
• twitter.com×1
• thethingsconference.com×1
• thermokon.se×1
• thermokon.fi×1
• linkedin.com×1
• j2inn.com×1
• instagram.com×1
• facebook.com×1
• enerj-meeting.com×1
• ausschreiben.de×1

Linked from (2)

• thermokon.se×1
• ove.at×1