vg-hr.de

HTML metadata

Technology

Server

Apache

Social

• facebook
• instagram

Registration

Updated

2024-01-25

Name servers

• ns1.telekom-domains.de.
• ns2.telekom-domains.de.

DNS records live

NS

• ns1.telekom-domains.de
• ns2.telekom-domains.de

MX

• 10 mailmx0001.rlp.de
• 10 mailmx0002.rlp.de
• 10 mailmx0003.rlp.de
• 10 mailmx0004.rlp.de

TXT

Show 4 TXT records

• apple-domain-verification=7Zcai6tZWJOsuLPy
• MS=ms49114293
• goodnotes-verification=57a5b92b-4f08-40b5-9a51-04adf7e3203e
• google-site-verification=14_wBmuV1Ex77Q9LwFZRG8iNbyQQQUjrs6zYMYmHOCY

Email authentication strong

SPF

v=spf1 mx ip4:83.243.48.64/26 include:chamaeleon.de -all

strict (-all)

DMARC

v=DMARC1;p=reject;pct=100;adkim=r;aspf=r;fo=1;rua=mailto:dmarc@rlp.de;

policy: reject (enforced)

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRFDIh2niPOiPRcMXvQr6285qtHs2G2C9p7GIy8fhaOR96OJxE27RZ+VpP9OuCIXNJUdrQzdwGucPx…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.vg-hr.de/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing Permissions Policy

Links to (5)

• edelsteinland.de×1
• egovernor.de×1
• facebook.com×1
• gremien.info×1
• instagram.com×1

Linked from (1)

• gruenderimdialog.de×1