injoy.de

HTML metadata

Title

INJOY Fitnessstudios – Muskeltraining beim Testsieger

Description

Gesund, individuell & nachhaltig: INJOY bietet gesundheitsorientiertes Muskeltraining und persönliche Betreuung. Starte jetzt mit Fitness beim Testsieger!

Language

de-DE

Canonical

https://www.injoy.de/

Translations

de-at
de-de

Open Graph

title: INJOY Fitnessstudios – Muskeltraining mit Betreuung
description: Gesund, individuell & zielgerichtet: INJOY bietet Muskeltraining mit System und persönlicher Betreuung. Starte jetzt beim Testsieger!

Technology

CDN: Vercel
CMS: Next.js

Third-party hosts loaded (1)

www.injoy.at×1

Social

Contact

Address: Valentin-Linhof-Straße 8, 81829, München, DE

Registration

Updated

2023-02-16

Name servers

ns01.agenturserver.co.
ns01.agenturserver.de.
ns01.agenturserver.it.

DNS records live

NS

ns01.agenturserver.co
ns01.agenturserver.de
ns01.agenturserver.it

MX

10 mx1.agenturserver.de
10 mx2.agenturserver.de
20 mx3.agenturserver.de
50 mx4.agenturserver.de

TXT

brevo-code:095db72142f59bd380dad7eb6241f174
google-site-verification=Yd0NxxXn9ckbSjbtugGm-r-N_lco4gmToEd9g9dqYjU
facebook-domain-verification=dmrrpq2vgzjpc5r0ns9yfbhd7rzcng

Email authentication strong

SPF

v=spf1 include:agenturserver.de ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com

policy: none (monitoring only)

DKIM

mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiVS9G03ziJkyWc+YAWgFRgs6QJB8vAbfRlDYu+jqROe1VLSQLhZ8Ve64j0iwfLq+OUbZwJdaJuTIFmjm/…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHYX5uvYII6hK65/rsDduMw6TqkCVY60IsNctTm9PnkLrRJ6vP7jyLqN15sFIrBIre4L9pbYTDy1uXGtjc…

selectors probed

Certificate (current)

R12

from 2026-03-15 to 2026-06-14

Expires in 26 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.injoy.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), interest-cohort=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.youtube.com https://player.youtube.com https://s.ytimg.com https://www.youtube-nocookie.com https://vercel.live https://va.vercel-scripts.com https://maps.googleapis.com https://cdn-cookieyes.com *.cookieyes.com https://sst.injoy.de https://connect.facebook.net https://www.googletagmanager.com https://*.doubleclick.net; frame-src 'self' https://sst.injoy.de https://www.youtube-nocookie.com https://www.youtube.com https://youtube.com https://vercel.live https://www.googletagmanager.com https://fonts.googleapis.com https://www.google.com https://my.matterport.com https://assets.ctfassets.net https://tours.nexpics.com/ https://mpembed.com/ https://panos.highfoto.at/ https://cdn-cookieyes.com *.cookieyes.com https://*.injoy.de https://*.ctfassets.net blob: data:; style-src 'self' 'unsafe-inline' https://vercel.live https://www.googletagmanager.com https://fonts.googleapis.com https://cdn-cookieyes.com https://c
strict-transport-security: max-age=63072000