indexo.dev

merkur-zeitschrift.de

.de crawl

First seen 2026-04-14 · Last seen 2026-05-17 · ok HTTP/1.1 200 3189 ms crawled 2026-05-08

DE · 92.205.251.92 · AS21499 Host Europe GmbH

Reputation 87/100 weak security headers no dmarc policy

Classifying

HTML metadata

Title
Merkur - Die Kulturzeitschrift
Description
Anspruchsvolle Essays zu Kultur, Politik & Gesellschaft. Analysen ohne Agenda - für Leser:innen, die sich selbst ein Urteil bilden. Jetzt lesen!
Language
de
Generator
Elementor 4.0.6; features: e_font_icon_svg, additional_custom_breakpoints; settings: css_print_method-external, google_font-enabled, font_display-swap
Canonical
https://www.merkur-zeitschrift.de/

Open Graph

url
https://www.merkur-zeitschrift.de/
title
Merkur - Die Kulturzeitschrift
locale
de_DE
site name
Merkur
description
Anspruchsvolle Essays zu Kultur, Politik & Gesellschaft. Analysen ohne Agenda - für alle, die sich selbst ein Urteil bilden. Jetzt lesen

Technology

Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • aab06a3b93534ca4b81448f602ebae89.js.ubembed.com×1
  • gmpg.org×1
  • pubengine.s3.eu-central-1.amazonaws.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Updated
2020-11-30
Name servers
  • ns11.zainternet.net.
  • ns7.za-internet.net.
  • ns8.za-domain.de.

DNS records live

NS
  • ns11.zainternet.net
  • ns7.za-internet.net
  • ns8.za-domain.de
MX
  • 10 mx01.hornetsecurity.com
  • 20 mx02.hornetsecurity.com
  • 30 mx03.hornetsecurity.com
  • 40 mx04.hornetsecurity.com
TXT
  • 21spbsplgkq67m1acls27o0c16
Verified for
  • Microsoft 365

Email authentication weak

SPF
v=spf1 ip4:94.186.152.96/28 include:spf.hornetsecurity.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Starfield Secure Certificate Authority - G2
from 2026-01-05 to 2027-02-04
Expires in 259 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://www.merkur-zeitschrift.de/

present
  • permissions-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (4)

Linked from (3)