indexo.dev

gutmann.de

.de crawl

First seen 2026-04-21 · Last seen 2026-05-18 · ok HTTP/1.1 200 1359 ms crawled 2026-05-15

DE · 78.46.10.104 · AS24940 Hetzner Online GmbH

Reputation 100/100

Classifying

HTML metadata

Title
GUTMANN
Description
GUTMANN Bausysteme Ihr Partner für innovative Lösungen und herausragendes Design. Präzision in Aluminium. Ihr Spezialist für Fenster, Türen- & Fassadensysteme.
Language
de-DE
Generator
All in One SEO (AIOSEO) 4.9.7.1
Canonical
https://gutmann.de/
Translations
  • de
  • en
  • fr
Feeds

Open Graph

url
https://gutmann.de/
title
GUTMANN
locale
de_DE
site name
GUTMANN – Ihr Partner für Aluminiumlösungen - Gutmann
description
GUTMANN Bausysteme Ihr Partner für innovative Lösungen und herausragendes Design. Präzision in Aluminium. Ihr Spezialist für Fenster, Türen- & Fassadensysteme.

Technology

Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • www.googletagmanager.com×1
  • www.tuulo.de×1

Social

Registration

Updated
2022-06-09
Name servers
  • ns1.your-server.de.
  • ns3.second-ns.de.
  • ns.second-ns.com.

DNS records live

NS
  • ns.second-ns.com
  • ns1.your-server.de
  • ns3.second-ns.de
MX
  • 0 gutmann-de.mail.protection.outlook.com
TXT
Show 5 TXT records
  • pnGn69uclK+qQ5kJnUEk+tj2dDLZLheDoXGILVve0G7vv37M50irJryy1OXk47I4oTl4wOqEmqC5NjjUsY0+oQ==
  • MS=ms43111767
  • apple-domain-verification=nnhwm2jQEj8X0wCB
  • knowbe4-site-verification=fceb6359cb00284f91c02be4bb5a43c2
  • l9kpz9qdmbzjz1tx24y9clf3vcpgmf1f

Email authentication strong

SPF
v=spf1 mx ip4:217.243.143.254 ip4:88.217.169.182 include:spf.protection.outlook.com include:spf.crsend.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; sp=quarantine; ruf=mailto:it-services@gutmann.de; fo=d
policy: quarantine · sp=quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDwvW+h4h4+IznmwO0qahJmoiMWtULMKBgdk4BvnrIiyF+mIRkZXVPkmceNy07tk1iIPUUb++ohvl8ekVwW+A…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNddkgG2QRIVi3EUDLIwEYZzC/LWbmMk3WoU7vTW75t3V6AhfkcL/xmfSD3b4PeUVEUJic04/Ni2xP…
selectors probed

Certificate (current)

Thawte TLS RSA CA G1
from 2025-08-22 to 2026-09-09
Expires in 112 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://gutmann.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • weak content type protection
Header values
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN, SAMEORIGIN
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=(), accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://ams.wpml.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://ams.wpml.org; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com https://www.tuulo.de https://*.openstreetmap.org; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests; frame-src 'self' blob: https://www.youtube.com/ https://www.youtube-nocookie.com/ https://www.primandis.de/ https://youtu.be/; connect-src 'self' https://ams.wpml.org https://nominatim.openstreetmap.org https://www.google-analytics.com https://region1.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://ams.wpml.org;
strict-transport-security
max-age=63072000, max-age=63072000
cross-origin-opener-policy
unsafe-none, unsafe-none
cross-origin-embedder-policy
unsafe-none; report-to='default', unsafe-none; report-to='default'
cross-origin-resource-policy
cross-origin, cross-origin

Links to (7)

Linked from (2)