herholz.de

.de crawl

First seen 2026-04-21 · Last seen 2026-05-19 · ok HTTP/1.1 200 2177 ms crawled 2026-05-15

DE · 85.13.149.102 · AS34788 Neue Medien Muennich GmbH

Reputation 100/100

Classifying

HTML metadata

Title

Türen & Innentüren – Finde Sie Ihre passende Tür! | Herholz

Description

Ob stilvolle Innentür oder moderne Funktionstür – entdecken Sie hochwertige Türen in verschiedenen Designs. Jetzt die perfekte Tür für Ihr Zuhause finden!

Language

de-DE

Generator

TYPO3 CMS

Canonical

https://www.herholz.de/

Translations

de ×2
en
fr
it

Technology

Server: nginx

Analytics

Google Tag Manager

Third-party hosts loaded (3)

www.herholz.ch×3
maps.googleapis.com×1
www.googletagmanager.com×1

Social

Registration

Updated

2023-06-15

Name servers

ns.udag.de.
ns.udag.net.
ns.udag.org.

DNS records live

NS

ns.udag.de
ns.udag.net
ns.udag.org

MX

10 smail-hbs-mta1.dts-security.de
20 smail-hbs.dts-security.de

Email authentication strong

SPF

v=spf1 include:hbs.de -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:protection@hbs.de; fo=1

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdumAZUUtHfdGgT9wuYzTJrOIvgnJ5IywGR5WUw0pFG8Ae6YopzAN2QbWwW2ewfTCF3e51dU/Dhf23…

selectors probed

Certificate (current)

from 2026-04-08 to 2026-07-07

Expires in 48 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.herholz.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' static.newsletter2go.com analytics.itm-systems.com *.google-analytics.com www.googletagmanager.com tagmanager.google.com maps.google.com maps.googleapis.com *.usercentrics.eu; connect-src 'self' api.newsletter2go.com *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.usercentrics.eu; img-src 'self' analytics.itm-systems.com files.newsletter2go.com www.google-analytics.com *.gstatic.com www.googletagmanager.com www.google.com www.google.de *.googleapis.com maps.google.com *.usercentrics.eu *.e-recht24.de data:; style-src 'self' 'unsafe-inline' tagmanager.google.com; base-uri 'self'; font-src 'self' data: fonts.gstatic.com ; frame-src analytics.itm-systems.com www.google.com www.youtube.com www.youtube-nocookie.com; style-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com; child-src 'none'; object-src 'none'; worker-src 'self' blob:;
strict-transport-security: max-age=31536000; includeSubDomains