indexo.dev

goldsteig.de

.de crawl

First seen 2026-04-20 · Last seen 2026-05-14 · ok HTTP/1.1 200 2061 ms crawled 2026-05-14

DE · 185.166.22.213 · AS15817 Mittwald CM Service GmbH & Co. KG

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
GOLDSTEIG Käsespezialitäten | Bayerns feiner Käse
Description
Entdecken Sie unsere GOLDSTEIG Käsespezialitäten – Mozzarella, Protinella, Emmentaler, Almdammer, Ricotta, Mascarpone, unsere Markenbutter & tolle Rezepte.
Language
de
Generator
TYPO3 CMS
Canonical
https://www.goldsteig.de/
Translations
  • de-de
  • en-gb
  • it-it

Technology

Server
Apache

Third-party hosts loaded (1)

  • www.goldsteig.it×1

Social

Registration

Updated
2026-02-17
Name servers
  • a.ns14.net.
  • b.ns14.net.
  • c.ns14.net.
  • d.ns14.net.

DNS records live

NS
  • a.ns14.net
  • b.ns14.net
  • c.ns14.net
  • d.ns14.net
MX
  • 10 mx1.unit-it.at
  • 10 mx2.unit-it.at
TXT
Show 4 TXT records
  • sendinblue-code:dd8233e91d6e11b80f1ab13bc5a66a13
  • MS=ms22299617
  • apple-domain-verification=6BZaewIqf7xcxczo
  • asap-site-verification-312fd83a-0960-4feb-85cf-cdf7878bb094

Email authentication partial

SPF
v=spf1 mx ip4:195.128.170.18 ip4:195.128.170.19 ip4:92.204.33.160 ip4:87.129.160.197 ip4:185.166.22.213 include:_spf-dc-55.sapsf.eu include:spf.successfactors.com include:successfactors.eu include:_spf-dc55.sapsf.eu include:ispgateway.de include:_spf.createsend.com include:spf.sendinblue.com include:agenturserver.de -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

R12
from 2026-03-21 to 2026-06-19
Expires in 31 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.goldsteig.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(), midi=(), camera=(), usb=(), magnetometer=(), accelerometer=(), vr=(), speaker=(), ambient-light-sensor=(), gyroscope=(), microphone=()
x-content-type-options
nosniff
content-security-policy
default-src 'none'; object-src 'self'; media-src 'self'; font-src 'self' data: *.googleapis.com *.gstatic.com; manifest-src 'self'; connect-src 'self' *.preeco.de decareto.b-cdn.net *.whistleblowing-compliant.eu; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.googletagmanager.com *.google-analytics.com connect.facebook.net *.formlets.com walls.io *.walls.io *.preeco.de *.whistleblowing-compliant.eu *.cloudflare.com decareto.b-cdn.net; img-src data: 'self' maps.gstatic.com *.googleapis.com *.ggpht *.ytimg.com www.google-analytics.com www.facebook.com *.proof-point.com; frame-src 'self' www.youtube.com www.youtube-nocookie.com *.formlets.com *.walls.io *.google.de *.google.com; style-src 'self' 'unsafe-inline' *.googleapis.com; frame-ancestors 'self'; form-action 'self' *.google.de; base-uri 'self';
strict-transport-security
max-age=63072000; includeSubDomains

Links to (6)

Linked from (2)