Guest session
Check Detail

biq.rolandberger.com · DNS

Passed Grade A
100.0%
Hostname biq.rolandberger.com
Check name DNS
last run 13/07/2026 10:07
Result
Incomplete Grade C 70.5%

Result Detail

DNS
Host Type Answer TTL
104.18.40.191
172.64.147.65
2606:4700:4401::6812:28bf
2606:4700:4404::ac40:9341

Result Detail

HEADER
Alerts
  • Strict-Transport-Security: Strict-Transport-Security missing
  • Content-Security-Policy: Content-Security-Policy missing
  • X-Content-Type-Options: Header missing
  • X-Frame-Options: Header missing
  • Referrer-Policy: Header missing
  • Permissions-Policy: Permissions-Policy missing
  • Cross-Origin-Opener-Policy: Header missing
  • Cross-Origin-Embedder-Policy: Header missing
  • Cross-Origin-Resource-Policy: Header missing
  • Cache-Control: Cache-Control missing restrictive directives
  • Expect-CT: Expect-CT missing
  • X-Permitted-Cross-Domain-Policies: Header missing
  • Access-Control-Allow-Origin: Access-Control-Allow-Origin missing
  • Server: Sensitive header exposed
  • Origin-Agent-Cluster: Header missing
Normalized headers
date Mon, 13 Jul 2026 08:07:25 GMT
content-type text/html; charset=UTF-8
location https://roland-berger.kb.theblockbrain.ai/
server cloudflare
cf-ray a1a6cb3e3e62dbc7-FRA
Transport
Check name Status Actual Expected Detail Severity Recommendation
Strict-Transport-Security ❌ Missing max-age>=15768000; includeSubDomains; preload Strict-Transport-Security missing Critical Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Expect-CT ❌ Missing enforce; max-age>=86400 Expect-CT missing Medium Expect-CT: enforce, max-age=86400, report-uri="https://report.example.com"
Content Security
Check name Status Actual Expected Detail Severity Recommendation
Content-Security-Policy ❌ Missing default-src 'self'; frame-ancestors 'none' Content-Security-Policy missing Critical Content-Security-Policy: default-src 'self'; frame-ancestors 'none'
MIME
Check name Status Actual Expected Detail Severity Recommendation
X-Content-Type-Options ❌ Missing nosniff Header missing High X-Content-Type-Options: nosniff
Framing
Check name Status Actual Expected Detail Severity Recommendation
X-Frame-Options ❌ Missing DENY or SAMEORIGIN Header missing High X-Frame-Options: DENY
Privacy
Check name Status Actual Expected Detail Severity Recommendation
Referrer-Policy ❌ Missing strict-origin-when-cross-origin / same-origin Header missing Medium Referrer-Policy: strict-origin-when-cross-origin
Browser Features
Check name Status Actual Expected Detail Severity Recommendation
Permissions-Policy ❌ Missing camera=(); geolocation=(); microphone=() Permissions-Policy missing Medium Permissions-Policy: camera=(), geolocation=(), microphone=()
Cross-Origin
Check name Status Actual Expected Detail Severity Recommendation
Cross-Origin-Opener-Policy ❌ Missing same-origin Header missing High Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy ❌ Missing require-corp Header missing High Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Resource-Policy ❌ Missing same-origin Header missing Medium Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster ❌ Missing ?1 Header missing Low Origin-Agent-Cluster: ?1
Caching
Check name Status Actual Expected Detail Severity Recommendation
Cache-Control ❌ Missing no-store, private, max-age=0 Cache-Control missing restrictive directives High Cache-Control: no-store, private, max-age=0
Legacy
Check name Status Actual Expected Detail Severity Recommendation
X-Permitted-Cross-Domain-Policies ❌ Missing none Header missing Low X-Permitted-Cross-Domain-Policies: none
CORS
Check name Status Actual Expected Detail Severity Recommendation
Access-Control-Allow-Origin ❌ Missing Scoped origin (no wildcard) Access-Control-Allow-Origin missing Medium Access-Control-Allow-Origin: https://app.example.com
Information Disclosure
Check name Status Actual Expected Detail Severity Recommendation
Server ❌ Missing cloudflare Header removed or generic Sensitive header exposed High Remove Server header or set to a generic token
X-Powered-By ✅ Passed Header removed Header not exposed High Remove X-Powered-By header
X-AspNet-Version ✅ Passed Header removed Header not exposed Medium Remove framework version headers
Raw headers
HTTP/2 301 
date: Mon, 13 Jul 2026 08:07:25 GMT
content-type: text/html; charset=UTF-8
location: https://roland-berger.kb.theblockbrain.ai/
server: cloudflare
cf-ray: a1a6cb3e3e62dbc7-FRA

Result Detail

SSL
Check name Status Value
certificate chain is complete ✅ Passed 4
root CA is trusted ✅ Passed Trusted
cert valid for ✅ Passed 79
chain certs are valid until ✅ Passed 30.09.2026
CN matches Domainname ✅ Passed biq.rolandberger.com
certificate subject ✅ Passed CN=biq.rolandberger.com
certificate issuer ✅ Passed C=US, O=Google Trust Services, CN=WE1
signature algorithm ✅ Passed ecdsa-with-SHA256
TLS protocol ✅ Passed TLSv1.3 TLS_AES_256_GCM_SHA384
Subject Alternative Names ✅ Passed biq.rolandberger.com
Public Key ✅ Passed EC 256
Certificate chain
# Common name Issuer Valid until CA
0 biq.rolandberger.com C=US, O=Google Trust Services, CN=WE1 30.09.2026 04:01:08 No
1 biq.rolandberger.com C=US, O=Google Trust Services, CN=WE1 30.09.2026 04:01:08 No
2 WE1 C=US, O=Google Trust Services LLC, CN=GTS Root R4 20.02.2029 15:00:00 Yes
3 GTS Root R4 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA 28.01.2028 01:00:42 Yes
TLS details
Negotiated protocol TLSv1.3
Cipher suite TLS_AES_256_GCM_SHA384 (256 bit)
Cipher version TLSv1.3
Perfect Forward Secrecy Attention
Earliest chain expiry 30.09.2026 04:01
Fingerprints
SHA-256 DE:7A:F4:F6:AA:FA:52:FB:A1:34:1C:F0:B3:DB:20:4C:A9:FD:AD:24:FF:F2:DB:48:9D:C9:32:42:C6:60:86:B2
SHA-1 42:55:0A:34:80:E0:16:62:35:B3:4C:30:51:07:AF:A7:22:4B:26:99
Revocation
OCSP URLs
CRL URLs
Full Name: URI:http://c.pki.goog/we1/Sf6VE40mPgw.crl
Issuer URLs (AIA)
http://i.pki.goog/we1.crt
OCSP Must-Staple No
Trust evaluation

Attempted: Yes

Trusted: Yes

OpenSSL diagnostic command
openssl s_client -connect biq.rolandberger.com:443 -servername biq.rolandberger.com

Result Detail

WAF
Sign up to use!
Ownership verification required

Real WAF results become available after signing up. Until then we show you a small teaser from the imagination department.

  • Shield level Mythisch
  • Watchers Gremlins im Standby
  • Last attack Story folgt nach Registrierung