heraeus-gold.de

.de crawl

First seen 2026-04-13 · Last seen 2026-05-20 · ok HTTP/1.1 200 783 ms crawled 2026-05-07

NL · 20.71.194.195 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title: Heraeus Gold | Gold- und Silberbarren kaufen
Description: Heraeus Gold online kaufen – direkt vom Hersteller. Sicher, zuverlässig und vertrauenswürdig. Kaufen Sie noch heute Gold online.
Language: de-DE
Canonical: https://www.heraeus-gold.de/

Open Graph

url: https://www.heraeus-gold.de/
title: Heraeus Gold | Gold- und Silberbarren kaufen
site name: Heraeus Gold
description: Heraeus Gold online kaufen – direkt vom Hersteller. Sicher, zuverlässig und vertrauenswürdig. Kaufen Sie noch heute Gold online.

Technology

Server: Microsoft-Azure-Application-LB

Analytics

Google Tag Manager

Third-party hosts loaded (4)

azweust1ieh606.blob.core.windows.net×62
azweust1pnl964.blob.core.windows.net×4
consent.cookiefirst.com×1
www.googletagmanager.com×1

Contact

Email

Phone

+496181353535

Registration

Updated

2025-12-01

Name servers

ns5.adacor.net.
ns.global.adacor.net.

DNS records live

NS

ns.global.adacor.net
ns5.adacor.net

MX

10 mxa-00125a01.gslb.pphosted.com
10 mxb-00125a01.gslb.pphosted.com

TXT

d607f031912200792e0360ef3e984e35e341976c.mail.heraeus-gold.de ed19f97017a91d60108732484511b01e96c5c9b5
rovag_verification_token=185C22973239464DB965B4EC8F2649F1

Verified for

Google

Email authentication strong

SPF: v=spf1 include:mailbox.org include:spf-00125a04.pphosted.com -all
strict (-all)
DMARC: v=DMARC1; p=quarantine; pct=100
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-12-19 to 2027-01-20

Expires in 244 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.heraeus-gold.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' www.heraeus-gold.de api.friendlycaptcha.com api.cookiefirst.com edge.cookiefirst.com azweust1ieh606.blob.core.windows.net *.google-analytics.com consentcdn.cookiebot.com *.linkedin.com use.fontawesome.com consent.cookiefirst.com js.stripe.com; base-uri 'self'; script-src 'self' www.heraeus-gold.de 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https://cdn.jsdelivr.net/npm/ api.friendlycaptcha.com www.googletagmanager.com consent.cookiebot.com snap.licdn.com consent.cookiefirst.com js.stripe.com azweust1ieh606.blob.core.windows.net consent.cookiefirst.com; style-src 'self' www.heraeus-gold.de 'unsafe-inline' use.fontawesome.com consent.cookiefirst.com azweust1ieh606.blob.core.windows.net fonts.googleapis.com consent.cookiefirst.com data:; font-src 'self' fonts.gstatic.com use.fontawesome.com azweust1ieh606.blob.core.windows.net data:; img-src 'self' www.heraeus-gold.de api.friendlycaptcha.com azweust1ieh606.blob.core.windows.net consent.cookiefirst.com azweust1pnl96
strict-transport-security: max-age=31536000; includeSubDomains

Linked from (1)

festspiele-hanau.de×3