indexo.dev

dudagroup.com

.com crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 172 ms crawled 2026-05-30

US · 136.110.160.166 · AS396982 Google LLC

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Hey DU DA
Description
DU DA ist Enabler, Think Tank und Innovation Lab. Wir entwickeln für Kunden marktnahe Produkte, vom Design bis zur Programmierung.
Language
en-US
Canonical
https://dudagroup.com/

Open Graph

url
https://dudagroup.com/
title
Hey DU DA
locale
en_US
site name
DU DA
description
DU DA ist Enabler, Think Tank und Innovation Lab. Wir entwickeln für Kunden marktnahe Produkte, vom Design bis zur Programmierung.

Technology

CMS
WordPress
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot

Third-party hosts loaded (3)

  • www.google.com×2
  • consent.cookiebot.com×1
  • www.googletagmanager.com×1

Contact

Email
Phone

Registration

Registrar
Key-Systems GmbH
Created
2001-10-19
Expires
2026-10-19 140 days left
Updated
2025-11-25
Name servers
  • dane.ns.cloudflare.com
  • lucy.ns.cloudflare.com

DNS records live

NS
  • dane.ns.cloudflare.com
  • lucy.ns.cloudflare.com
MX
  • 0 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • MS=2BECC6C520D974BAEE718DCEE49A39BFC684FE73
Verified for
  • 1Password
  • Anthropic
  • Atlassian
  • Google
  • Microsoft 365
  • OpenAI

Email authentication partial

SPF
v=spf1 include:_spf.google.com include:eu.transmail.net include:_spf.google.com include:amazonses.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

WR3
from 2026-05-10 to 2026-08-08
Expires in 69 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://dudagroup.com/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(self), autoplay=(self), camera=(self), display-capture=(self), fullscreen=(*), geolocation=(*), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), sync-xhr=(*), usb=(), screen-wake-lock=(*), web-share=(self), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: *.cookiebot.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.google.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.googleapis.com; base-uri 'self'; font-src 'self' data: *.googleapis.com *.gstatic.com; object-src 'none'; frame-src *.cookiebot.com *.google.com; connect-src 'self' yoast.com *.google-analytics.com *.cookiebot.com *.googleapis.com; img-src * 'self' data: https: ; frame-ancestors 'self'; media-src 'self'; manifest-src 'self'; form-action 'self' *.list-manage.com; child-src blob:

Links to (46)

Linked from (3)