indexo.dev

heristo-karriere.de

.de crawl

First seen 2026-04-20 · Last seen 2026-05-16 · ok HTTP/1.1 200 1247 ms crawled 2026-05-13

DE · 217.160.0.253 · AS8560 IONOS SE

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
heristo | Karriere in der heristo Gruppe
Description
Feinschmecker oder Anpacker? Auf heristogether.de finden Sie Ihre neue Herausforderung! Vielfältige Bereiche & attraktive Perspektiven. Jetzt mehr erfahren!
Language
de
Generator
Drupal 11 (https://www.drupal.org)
Canonical
https://www.heristo-karriere.de/
Translations
  • de

Open Graph

url
https://www.heristo-karriere.de/node/1977
title
heristo | Karriere in der heristo Gruppe
site name
Heristo Karriere
description
Feinschmecker oder Anpacker? Auf heristogether.de finden Sie Ihre neue Herausforderung! Vielfältige Bereiche & attraktive Perspektiven. Jetzt mehr erfahren!

Technology

Server
Apache
CMS
Drupal
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot

Third-party hosts loaded (2)

  • consent.cookiebot.com×1
  • www.googletagmanager.com×1

Registration

Updated
2025-03-11
Name servers
  • ns1028.ui-dns.org.
  • ns1068.ui-dns.de.
  • ns1073.ui-dns.com.
  • ns1124.ui-dns.biz.

DNS records live

NS
  • ns1028.ui-dns.org
  • ns1068.ui-dns.de
  • ns1073.ui-dns.com
  • ns1124.ui-dns.biz
MX
  • 10 mx00.ionos.de
  • 10 mx01.ionos.de
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:_spf-eu.ionos.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-02-26 to 2027-03-13
Expires in 296 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.heristo-karriere.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://webcache-eu.datareporter.eu https://cdn.jsdelivr.net https://*.cookiebot.com https://*.consentcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://*.softgarden.io https://*.softgarden.de https://jobspreader.com https://connect.facebook.net https://www.facebook.com https://analytics.tiktok.com https://*.doubleclick.com https://*.doubleclick.net https://*.googleadservices.com; style-src 'self' 'unsafe-inline' https://webcache-eu.datareporter.eu https://fonts.googleapis.com https://*.googletagmanager.com; img-src 'self' data: https://*.tile.openstreetmap.de https://images.example.com https://*.softgarden.io https://*.softgarden.de https://*.googletagmanager.com https://*.cookiebot.com https://*.facebook.com; font-src 'self' data: https://webcachex-eu.datareporter.eu https://fonts.gstatic.com; connect-src 'self' https://webcache-eu.datareporter.eu https://swarmcrawler.datareporter.eu https://c.datare
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (5)