medicover-diagnostics.de

.de crawl

First seen 2026-05-15 · Last seen 2026-05-20 · ok HTTP/1.1 200 6798 ms crawled 2026-05-20

US · 76.76.21.21 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Medicover Diagnostics
Description: Genetische Diagnostik & Genetische Beratung München-Martinsried | Gen Panel Analysen - NIPT - Laboratoriumsdiagnostik - Mikrobiologie & Virologie
Language: de

Technology

CDN: Vercel
CMS: WordPress
JS framework: Next.js

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (3)

cdn.eye-able.com×1
web.cmp.usercentrics.eu×1
www.googletagmanager.com×1

Contact

Address: Lochhamer Str. 29, 82152, Martinsried, DE

Registration

Updated

2022-02-02

Name servers

dns1.cscdns.net.
dns2.cscdns.net.

DNS records live

NS

dns1.cscdns.net
dns2.cscdns.net

MX

10 mx.emea.email.fireeyecloud.com

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 include:_spf.medicover.com include:spf.protection.outlook.com include:_spf.fireeyecloud.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc_reports@medicover.pl; pct=100; adkim=r; aspf=r;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wgHVVnxg6K4OCKW5lbt5ojQ9qqb+ERVQi5uAoMSoQ+M8dAaQmXDHpnYTAglCa32wqtTHABkL2UgzW…

selectors probed

Certificate (current)

R12

from 2026-04-16 to 2026-07-15

Expires in 55 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.medicover-diagnostics.de/

present

strict-transport-security
content-security-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(self), display-capture=(self), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=()
content-security-policy: frame-ancestors 'self' *.myraidbox.de medico-26496.vasil-ams.servebolt.cloud medico-26497.vasil-ams.servebolt.cloud medico-24644.siv-ams.servebolt.cloud medico-28276.vasil-ams.servebolt.cloud backend.medicover-wordpress.ddev.site 'self' medico-26496.vasil-ams.servebolt.cloud medico-26497.vasil-ams.servebolt.cloud medico-24644.siv-ams.servebolt.cloud medico-24746.siv-ams.servebolt.cloud backend.medicover-wordpress.ddev.site vercel.live; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googlesyndication.com *.googleapis.com *.cookiebot.com www.googletagmanager.com tagmanager.google.com www.google.com www.google.de www.gstatic.com www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net vercel.live connect.facebook.net cdn.vercel-insights.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com app.usercentrics.eu widget.customer-alliance.com privacy-proxy.usercentrics.eu https://web.cmp.usercentrics.eu cdn.eye-able.com acc
strict-transport-security: max-age=63072000

Linked from (1)

medicover.de×1