duvenbeck.de

.de crawl

First seen 2026-04-20 · Last seen 2026-05-13 · ok HTTP/1.1 200 5118 ms crawled 2026-05-13

DE · 93.122.83.178 · AS48951 Telekom Deutschland GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

DUVENBECK - WE MOVE WHAT MATTERS MOST – Start

Language

de-DE

Generator

Joomla! - Open Source Content Management

Translations

de-de
en-gb

Technology

Server: nginx
CMS: Joomla

Cookie consent

Cookiebot

Third-party hosts loaded (1)

consent.cookiebot.com×1

Social

Contact

Email

Phone

+49287121920

Registration

Updated

2026-02-23

Name servers

ns1.telekom-domains.de.
ns2.telekom-domains.de.

DNS records live

NS

ns1.telekom-domains.de
ns2.telekom-domains.de

MX

10 mail.duvenbeck.de

TXT

Show 7 TXT records

google-site-verification=Eiw5CsMUqI2AqnQgP3dJQbAEy8xD1I48EWu654v7nt0
MS=9444A9A5EB95C54D59D53ED56678871590605B8C
google-gws-recovery-domain-verification=52381966
apple-domain-verification=GjqGg8K3LmZFnpZ8
MS=ms43029079
docusign=a345a272-ba2b-49c5-a8da-bb83f6f3ddfa
globalsign-domain-verification=-2MUWwBwj3ok07Fl4G1-S0Mu94usK9wRRNGdwJA8hD

Email authentication weak

SPF: v=spf1 a mx ip4:93.122.83.181 include:spf.crsend.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

GlobalSign RSA OV SSL CA 2018

from 2026-01-20 to 2027-02-21

Expires in 278 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.duvenbeck.de/de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.google.com *.googleadservices.com *.bing.com *.doubleclick.net *.googlesyndication.com *.cookiebot.com *.gstatic.com; script-src 'unsafe-eval' 'self' 'unsafe-inline' *.google.com *.googleadservices.com *.bing.com *.doubleclick.net *.googlesyndication.com *.cookiebot.com *.gstatic.com https://serviceportal.duvenbeck.de; script-src-elem 'self' 'unsafe-inline' *.google.com *.googleadservices.com *.bing.com *.doubleclick.net *.googlesyndication.com *.cookiebot.com *.gstatic.com https://serviceportal.duvenbeck.de https://www.googletagmanager.com; frame-src 'self' data: blob: *.google.com *.googleadservices.com *.bing.com *.doubleclick.net *.googlesyndication.com *.cookiebot.com *.gstatic.com https://www.youtube.com; style-src 'self' 'unsafe-inline' *.google.com *.googleadservices.com *.bing.com *.doubleclick.net *.googlesyndication.com *.cookiebot.com *.gstatic.com; style-src-elem 'self' 'unsafe-inline' *.google.com *.googleadservices.com *.bing.com *.doubleclick.net *
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin

Links to (6)

Linked from (1)

1fcbocholt.de×2