hermes-immobilien.com
HTML metadata
Technology
- Server
- nginx
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (3)
- code.jquery.com×1
- consent.cookiebot.com×1
- maps.googleapis.com×1
Social
Contact
- Phone
Registration
- Registrar
- Mesh Digital Limited
- Created
- 2002-07-31
- Expires
- 2026-07-31 72 days left
- Updated
- 2025-07-30
- Name servers
-
- ns03.domaincontrol.com
- ns04.domaincontrol.com
DNS records live
- NS
-
- ns03.domaincontrol.com
- ns04.domaincontrol.com
- MX
-
- 0 hermesimmobilien-com01e.mail.protection.outlook.com
- Verified for
-
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCCgnTB2JwrnKiqvyne/F70cNBNrLe8DgLV50O/JkKZ0/PhDNGXJo+wV2M6PV/9OJ9JB303OrI92t2upALCH…
selectors probed - selector1:
Certificate (current)
Starfield Secure Certificate Authority - G2
Expires in 178 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak content type protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'self' https://www.hermes-immobilien.com https://maps.gstatic.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com https://cdn.dsl-factory.de https://www.google-analytics.com; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data:- strict-transport-security
max-age=31536000; includeSubdomains; preload