ivv.de

.de dns crawl

First seen 2026-05-02 · Last seen 2026-05-18 · ok HTTP/1.1 200 2259 ms crawled 2026-05-08

DE · 52.58.237.66 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

sector other type homepage

HTML metadata

Title: Home
Language: de
Canonical: https://ivv.de/de

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Phone

+49 (0) 800 844 0900

Registration

Updated

2012-03-07

Name servers

ns.htp-tel.de.
ns.ivv.de.

DNS records live

NS

ns.htp-tel.de
ns.ivv.de

MX

10 mx.ivv.de

TXT

Show 8 TXT records

apple-domain-verification=GJqNVfdXzDvXYgEE
adobe-idp-site-verification=85301b59fa807c2a11a420742d6eb06172266112b755f5ffae063b94d94f2d2b
swisssign-check=EGk1__V3y5-OYfaTk4PYQK2fjfI
QuoVadis=4469e667-b420-474a-9b35-c77afc648560
cisco-ci-domain-verification=376e7abe0434312cbee3ffc8c531ba135f1ea7bd8fd85b02e26fbaf9000a9605
Dynatrace-site-verification=38ecbb33-4d72-4069-b4e1-5a5d7f9e8839__pqnd8ik1pkcrvopnnfa6es8grl
MS=141B9530676ECCF4E28F42560B5E8D4D8E693F96
MS=ms10957082

Email authentication partial

SPF: v=spf1 mx include:_spf.ivv.de ~all
softfail (~all)
DMARC: v=DMARC1; p=none; sp=none; pct=100; rua=mailto:postmaster@ivv.de; ruf=mailto:postmaster@ivv.de; ri=86400; fo=1
policy: none (monitoring only) · sp=none
DKIM: no key found at common selectors

Certificate (current)

SwissSign RSA TLS OV ICA 2022 - 1

from 2025-10-20 to 2026-10-20

Expires in 153 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://ivv.de/de

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=*, gyroscope=(), keyboard-map=(self), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: font-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.gstatic.com data:; default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://chatbot.vgh-1.c-w.de https://web.cmp.usercentrics.eu https://gtm.vgh.de https://maps.googleapis.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net; connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://consent-api.service.consent.usercentrics.eu https://v1.api.service.cmp.usercentrics.eu https://gtm.vgh.de https://search.vgh-1.c-w.de https://maps.googleapis.com https://graphql.usercentrics.eu wss://chatbot-backend.vgh-1.c-w.de https://fonts.gstatic.com https://ms-website-prod.ivv.de https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.<TLD> https://pagead2.googlesyndication.com h