vossloh.com
HTML metadata
Technology
- Server
- Apache
- CMS
- Nuxt
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Usercentrics
Third-party hosts loaded (3)
- azure-eu-images.contentstack.com×6
- app.usercentrics.eu×1
- www.googletagmanager.com×1
Contact
- Phone
- Address
- Vossloh AGVosslohstr. 458791 Werdohl, Germany
Registration
- Registrar
- InterNetX GmbH
- Created
- 1996-06-07
- Expires
- 2026-06-06 16 days left
- Updated
- 2025-06-07
- Name servers
-
- ns1.domainkunden.de
- ns2.domainkunden.de
DNS records live
- NS
-
- ns1.domainkunden.de
- ns2.domainkunden.de
- MX
-
- 5 vossloh-com.mail.protection.outlook.com
- TXT
-
Show 5 TXT records
MS=94481741B9634F7A4C7257B69FE181F57B2F1B49bUL5x68U9HozxTP7Ihi1M62QBW3MhZcsB/3h7nYI8Bt1lVIhxtKBhDcmhWNjN/WgXqEt6eOx7seF+6DITZq3Dw==logmein-verification-code=2a52010c-2817-40c2-9b10-7fc0dec6b1cdFoxit-domain-verification=49f5d882ad15cb7f20ac07f15f4bdc4cmistral-domain-verification=6bcec6fdb2a6dd4e1a7a5f659aea1fdddff9c8ea
- Verified for
-
- Apple
- Atlassian
- DocuSign
- Dynamics 365
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 ip4:85.22.151.2 ip4:213.41.86.89 IP4:213.41.86.90 ip4:213.41.86.104 ip4:185.9.218.148 ip4:194.25.143.66 include:spf.protection.outlook.com include:spf-de.emailsignatures365.com include:mailing.eqs.com include:_spf.zimpel.de -allstrict (-all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1WkRUZDzsj5Z/N8RmpnX9WI7fthLX2GOEqS7J0tjrnkbKHpK0G8xHC4i/PPyf76RA+wymut6gnHoW0uRTsO…
selectors probed - selector1:
Certificate (current)
R13
Expires in 69 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- permissions-policy
camera=(), display-capture=(), fullscreen=(self "https://www.youtube-nocookie.com"), geolocation=(), microphone=()- x-content-type-options
nosniff- content-security-policy
base-uri 'none'; font-src 'self' https: data:; form-action 'self' *.intentive.net *.facebook.com; frame-ancestors 'self' *.intentive.net *.google.com/ https://azure-eu-app.contentstack.com; img-src 'self' https://maps.gstatic.com *.googleapis.com https://azure-eu-images.contentstack.com data: https://img.youtube.com https://i.ytimg.com *.usercentrics.eu/ https://*.intentive.net *.googletagmanager.com *.google-analytics.com *.google.de *.google.com *.linkedin.com *.facebook.com *.googlesyndication.com; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: 'strict-dynamic' 'nonce-O2unzzOx5g519DWJuEoTq9S1' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com; connect-src 'self' https://azure-eu-app.contentstack.com https://azure-eu-assets.contentstack.com https://www.google.com/recaptcha/ *.usercentrics.eu/ *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.dynamics.com *.azureedge.net *.googleapis.com https- strict-transport-security
max-age=31536000; includeSubDomains; preload;- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
cross-origin