c4trends.de

.de crawl

First seen 2026-04-15 · Last seen 2026-05-09 · ok HTTP/1.1 200 1289 ms crawled 2026-05-09

DE · 162.55.254.193 · AS24940 Hetzner Online GmbH

Reputation 92/100 no dmarc policy

sector other type homepage

HTML metadata

Title

Startseite

Language

Generator

TYPO3 CMS

Canonical

https://www.c4trends.de/

Translations

de
en-us

Technology

Server: Apache

Registration

Updated

2024-08-21

Name servers

ns1.your-server.de.
ns3.second-ns.de.
ns.second-ns.com.

DNS records live

NS

ns.second-ns.com
ns1.your-server.de
ns3.second-ns.de

MX

10 c4trends-de.mail.protection.outlook.com

TXT

Show 4 TXT records

MS=ms79257248
google-site-verification=LTN4QgmiXmbQZfu8ZtYiHRACC3JEMiir3RuPz__-dHw
knowbe4-site-verification=6735ab891dcedcb6807175e1977b7153
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8QJTpx3Tl6HHPhx7G907+La/rZPweJhrd8m2Uj9EJhzkLFtzEQtXYJuLQ+n/x0vMYuWd8s9h0fXu7iJ9RDvB9fg6ftQmdShZhX2dAqcUBt+TA8Vu5elcM+nyEhkihRUGNiYt1Lht+JiD7wLjRCzRx/q3mYnWY+2pgH2JaeRT3wuJTZ0Q/VO0IA1ufWEgUEqHjItTuiJUBWgsj7niXyH4sbKtQBXv564baHwm1oiqcW56Sq9RqUeUSGuMyaYmeKgbQBcEG+o2O+5YJbXMrKZOxxXaoM1eCJ95Wc3qlbHKoO20Kwvb+rrJHYYBZphAYYXTb0NLjRAH4av0d3mBTXi5QIDAQAB

Email authentication weak

SPF: v=spf1 +a +mx include:spf.protection.outlook.com ?all
neutral (?all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Encryption Everywhere DV TLS CA - G2

from 2025-07-13 to 2026-07-13

Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.c4trends.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
permissions-policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=*, publickey-credentials-get=(), sync-xhr=(), usb=(), screen-wake-lock=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *.bugherd.com *.doubleclick.net *.youtube.com *.facebook.net *.googleadservices.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.cloudfront.net; frame-src 'self' blob: *.bugherd.com *.google.com *.youtube.com *.youtube-nocookie.com; img-src 'self' data: *.facebook.com *.google.com *.google.de *.amazonaws.com *.cloudfront.net img.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudfront.net *.google-analytics.com *.googletagmanager.com; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.cloudfront.net fonts.gstatic.com *.bugherd.com ; worker-src *.google-analytics.com *.googletagmanager.com *.youtube.com *.youtube-nocookie.com; object-src 'none'; connect-src 'self' *.bugsnag.com wss://ws.pusherapp.com *.pusherapp.com *.bugherd.com *.pusher.com *.googleapis.com *.doubleclic
strict-transport-security: max-age=63072000; includeSubDomains; preload

Linked from (1)

luce-stiftung.de×2