haemostaseologicum-mitte.com

.com crawl

First seen 2026-05-15 · Last seen 2026-05-20 · ok HTTP/1.1 200 2449 ms crawled 2026-05-20

US · 216.150.1.193 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Haemostaseologicum Mitte
Language: de

Technology

CDN: Vercel
CMS: Next.js
JS framework: Next.js

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (4)

cdn.eye-able.com×1
medico-26497.vasil-ams.servebolt.cloud×1
web.cmp.usercentrics.eu×1
www.googletagmanager.com×1

Registration

Registrar

CSC Corporate Domains, Inc.

Created

2016-07-25

Expires

2026-07-25 65 days left

Updated

2025-07-21

Name servers

dns1.cscdns.net
dns2.cscdns.net

DNS records live

NS

dns1.cscdns.net
dns2.cscdns.net

MX

10 mx.emea.email.fireeyecloud.com

Verified for

Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:80.149.206.202 include:_spf.medicover.com include:spf.protection.outlook.com include:_spf.fireeyecloud.com include:spf.DE.exclaimer.net -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:postmaster@medit-service.de; ruf=mailto:postmaster@medit-service.de; fo=1

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DTZX5bH+ekutJdjlEjgz7EhwjESnsfY6DJ1ZXp4vfmsKJlGUFXOHLUitmnqB21DCjWdtyLhJE55vT…

selectors probed

Certificate (current)

R12

from 2026-04-21 to 2026-07-20

Expires in 60 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.haemostaseologicum-mitte.com/

present

strict-transport-security
content-security-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(self), display-capture=(self), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=()
content-security-policy: frame-ancestors 'self' *.myraidbox.de medico-26496.vasil-ams.servebolt.cloud medico-26497.vasil-ams.servebolt.cloud medico-24644.siv-ams.servebolt.cloud medico-28276.vasil-ams.servebolt.cloud backend.medicover-wordpress.ddev.site 'self' medico-26496.vasil-ams.servebolt.cloud medico-26497.vasil-ams.servebolt.cloud medico-24644.siv-ams.servebolt.cloud medico-24746.siv-ams.servebolt.cloud backend.medicover-wordpress.ddev.site vercel.live; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googlesyndication.com *.googleapis.com *.cookiebot.com www.googletagmanager.com tagmanager.google.com www.google.com www.google.de www.gstatic.com www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net vercel.live connect.facebook.net cdn.vercel-insights.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com app.usercentrics.eu widget.customer-alliance.com privacy-proxy.usercentrics.eu https://web.cmp.usercentrics.eu cdn.eye-able.com acc
strict-transport-security: max-age=63072000

Linked from (1)

medicover.de×1