warburg-fonds.com
warburg-fonds.com
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress 4.8.5 outdated (current 6.8)
- jQuery
- 3.7.1
Third-party hosts loaded (1)
- cdn-cookieyes.com×1
Social
Contact
- Phone
Registration
- Registrar
- Ascio Technologies, Inc. Danmark - Filial af Ascio technologies, Inc. USA
- Created
- 2006-07-24
- Expires
- 2026-07-24 64 days left
- Updated
- 2025-07-25
- Name servers
-
- ns.ppp.de
- ns.ppp.net
DNS records live
- NS
-
- ns.ppp.de
- ns.ppp.net
- MX
-
- 10 warburgfonds-com01i.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 a:mailout1.mmwarburg.com a:mailout2.mmwarburg.com a:mailout3.mmwarburg.com a:mailout4.mmwarburg.com include:spf.warburg-invest-ag-de.cloud.nospamproxy.com ip4:212.2.71.66 include:spf.protection.outlook.com include:newsmailservice.de -allstrict (-all) - DMARC
-
v=DMARC1;p=quarantine;pct=100policy: quarantine - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 88 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), interest-cohort=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-script=(), sync-xhr=(), usb=(), vertical-scroll=(), web-share=(), wake-lock=(), xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdn-cookieyes.com *.googletagmanager.com snap.licdn.com *.google.com; script-src-attr 'self'; style-src 'self' fonts.googleapis.com; style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com ams.wpml.org; style-src-attr 'self' 'unsafe-inline'; img-src 'self' data: cdn-cookieyes.com secure.gravatar.com *.openstreetmap.org cloud-files.crsend.com px.ads.linkedin.com *.googletagmanager.com googleads.g.doubleclick.net *.google.de *.google.com; connect-src 'self' *.cookieyes.com cdn-cookieyes.com sourcemap.devowl.io ams.wpml.org yoast.com *.google.com px.ads.linkedin.com *.google-analytics.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; media-src 'self'; report-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; frame-src 'self' *.googletagmanager.com; worker-src 'self' blob:; manifest-src 'self'; block-all-- strict-transport-security
max-age=31556926; includeSubDomains, max-age=63072000; includeSubDomains; preload