vendo.at

HTML metadata

Technology

Server

nginx

CMS

Gatsby

Social widgets

• Vimeo Embed

Third-party hosts loaded (5)

• player.vimeo.com×3
• challenges.cloudflare.com×1
• integrations.etrusted.com×1
• maxcdn.bootstrapcdn.com×1
• widgets.trustedshops.com×1

Social

• facebook
• linkedin
• youtube
• instagram

Contact

Email

• office@vendo.at
• uhroffice@vendo.at

Phone

• +4376727055555
• +4376727050
• +431740510
• +4916090535621

DNS records live

NS

• dns4.a1.net
• dns5.a1.net

MX

• 10 vendo-at.mail.protection.outlook.com

TXT

• offensity-domain-verification=91ccf49248ef434df09b5aeb0a38cf0f285f5c14564689cab03884ae992f46e4
• linkedin-site-verification=74da429e-6f65-486c-a7a9-b9e469385085
• spycloud-domain-verification=c720229f-7550-49a1-ba92-d3cf6cdccf74

Verified for

• Anthropic
• Google
• Meta
• Microsoft 365

Email authentication weak

SPF

v=spf1 mx ip4:193.228.86.61 ip4:193.228.86.62 ip4:193.228.86.27 include:spf.mandrillapp.com include:servers.mcsv.net include:spf.protection.outlook.com include:spf-de.emailsignatures365.com -all

strict (-all)

DMARC

not published

DKIM

• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://vendo.at/

present

• x-frame-options
• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (6)

• youtube.com×1
• linkedin.com×1
• leitbetrieb.com×1
• instagram.com×1
• facebook.com×1
• dpi.co.at×1

Linked from (2)

• propak.at×1
• dmvoe.at×1