wogedo.de

HTML metadata

Technology

Server

Apache

Cookie consent

• Usercentrics

Third-party hosts loaded (2)

• app.usercentrics.eu×1
• privacy-proxy.usercentrics.eu×1

Social

• facebook

Registration

Updated

2020-03-11

Name servers

• ns01.agenturserver.co.
• ns01.agenturserver.de.
• ns01.agenturserver.it.

DNS records live

NS

• ns01.agenturserver.co
• ns01.agenturserver.de
• ns01.agenturserver.it

MX

• 10 mail.wogedo.de

TXT

• sophos-domain-verification=6c6ed159a10e3a3413cd1509cd3392838263190b4f744248b6e2410174c75efe
• MS=284A213D45DC02960A82D83807B801F6C7A6754A
• oDvoU4fLk1bWFhG/l5GvSlgKzMxdlm+KcR0iGFlkT3buVe205DNykwmNfUACijCeNb7VG4dLDmNUkhIM8DRCJA==

Email authentication strong

SPF

v=spf1 a mx ip4:80.147.39.92 include:spf.mandrillapp.com ip4:185.15.194.127 ?all

neutral (?all)

DMARC

v=DMARC1;p=reject;sp=none;pct=100;rua=mailto:administrator@wogedo.de;ruf=mailto:administrator@wogedo.de;rf=afrf;ri=86400

policy: reject (enforced) · sp=none

DKIM

• default: v=DKIM1;t=s;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwnvinaEM5XQ3JBntpm1AM6mr6RnxVpBwCdhl5fk23JPpRNJFW2XE7of6rdZ15U3CQOtiIpL3n/vPb/6DI…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.wogedo.de/

present

• content-security-policy
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (2)

• facebook.com×2
• wohnfuehlen-blog.de×2

Linked from (3)

• mai-gebaeudeservice.de×2
• mai-bau.de×2
• wohnfuehlen-blog.de×1