nexia.de

HTML metadata

Title

Nexia - Wirtschaftsprüfer, Steuerberater, Rechtsanwälte, Unternehmensberater

Description

Wir bieten als bundesweit tätige Wirtschaftsprüfungs- und Steuerberatungsgesellschaft ausgezeichnete Leistungen für unsere Mandanten mit Fokus auf dem Mittelstand – national und international.

Language

de

Generator

TYPO3 CMS

Canonical

https://www.nexia.de/

Translations

de
en

Technology

Server: Apache

Social

Registration

Updated

2026-01-30

Name servers

ns05.domaincontrol.com.
ns06.domaincontrol.com.

DNS records live

NS

ns05.domaincontrol.com
ns06.domaincontrol.com

MX

0 nexia-de.mail.protection.outlook.com

TXT

Show 5 TXT records

tp6p2mjp5e98quuibkoqaruiun
_telesec-domain-validation=DBPLZYS5VM2F6BLLGK2CBOXX43JBMVJLXS7ADCEZ12A1DH6A7BDH0DZIMJ96ABT1
spycloud-domain-verification=4fedf149-83a0-4b5f-9d92-bf027c3de2b0
spycloud-domain-verification=fdf83c2b-7e86-4486-a6c8-28afc69ee26b
deepl-domain-verification=68e2d62e8bfb4a359b2dc9a50f1dbaab

Verified for

Apple
Atlassian
Microsoft 365
Miro

Email authentication strong

SPF

v=spf1 ip4:51.124.23.28 ip4:51.116.133.41 ip4:83.246.89.68 a:mail.fp-sign.com include:spf.protection.outlook.com include:spf-de.emailsignatures365.com include:spf.zoho.eu include:eu.transmail.net include:spf.everscreen-hosting.de include:datevnet._spf.datev.de -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; pct=100; rua=mailto:Dmarc-rua@nexia.de; ruf=mailto:Dmarc-ruf@nexia.de

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNjOwj2dofg7H+Ygek/U90Q2ByPxUX9S+Uwopz+YR9DLWloJsMvglgD9OJBJGBgDrIn3tqoZRbiEjV…

selectors probed

Certificate (current)

R12

from 2026-04-27 to 2026-07-26

Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.nexia.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=(), fullscreen=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval' blob: consent.cookiefirst.com; script-src-elem 'self' 'unsafe-inline' blob: consent.cookiefirst.com *.doubleclick.net www.google-analytics.com www.googletagmanager.com cdn.jsdelivr.net www.xing-share.com www.google.com; script-src-attr 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' consent.cookiefirst.com; img-src 'self' data: consent.cookiefirst.com *.basemaps.cartocdn.com *.doubleclick.net www.googletagmanager.com www.google.com www.google.de www.google-analytics.com; font-src 'self' consent.cookiefirst.com; connect-src 'self' api.friendlycaptcha.com consent.cookiefirst.com edge.cookiefirst.com api.cookiefirst.com nominatim.openstreetmap.org *.doubleclick.net www.google.com www.google-analytics.com; frame-src 'self' www.googletagmanager.com www.youtube.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: unsafe-none

Links to (3)

Linked from (1)

moselmusikfestival.de×2