nexum.com

HTML metadata

Title: Wir machen Unternehmen digital wirksam | nexum AG | nexum AG
Description: Beratung. Technologie. Agentur. 3 Disziplinen, ein Ziel: wir realisieren zukunftsfähige Digital-Projekte mit Relevanz.
Language: de

Open Graph

title: Wir machen Unternehmen digital wirksam | nexum AG
description: Beratung. Technologie. Agentur. 3 Disziplinen, ein Ziel: wir realisieren zukunftsfähige Digital-Projekte mit Relevanz.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (2)

a.storyblok.com×7
www.googletagmanager.com×1

Social

Contact

Phone

Address

KölnVogelsanger Straße 321a50827Köln+49 221 99886-0[email protected]

Registration

Registrar

Mesh Digital Limited

Created

2004-05-19

Expires

2027-05-19 364 days left

Updated

2026-04-19

Name servers

damiete.ns.cloudflare.com
sandra.ns.cloudflare.com

DNS records live

NS

damiete.ns.cloudflare.com
sandra.ns.cloudflare.com

MX

10 nexum-com.mail.protection.outlook.com

TXT

Show 14 TXT records

figma-domain-verification=4e39a99fb1d94db2f2d0aef04929b53cdce2395e314904a73f547d4b5027b944-1727174835
google-site-verification=4lEOb6wMeZvUrDEgpnK4EsPYdOCMLA8wDtIAGievbl8
google-site-verification=hJEjVVKcUtxnKSPZgFORDvNsiGDPCSztvHxlazTAnlU
m0bJLkY2OBwbzkKXcYCREmHtcWZyi3Znc6PACYTllk0yEdQx1iGySYmQY7HwoEZDYdm5hHzeKM1JhYEIL2gANA
2okbvsdupomrkh3c2b73rn6f46
MS=ms12500198
anthropic-domain-verification-wpfk4x=WMG8ijWqb0W9TWXTWqNDXH4aA
apple-domain-verification=QsjipjAYMvUwuDkN
atlassian-domain-verification=aA01km0NlFLVaQq132aQYXyvACRnyiSlqr/iU9BMgARcBeY1Dpm98S4JyDkn2hjB
atlassian-sending-domain-verification=4a9603fc-2823-4fd2-9e90-a9ef66825cb4
cl157qcb53g621qbclurbbr9p2
docusign=e66ca293-abd8-4572-891e-126ae46c27a0
f6hkf6o3hh964029rq467tolc6
facebook-domain-verification=20z77saeu8zncq0j1boxa7pvcb08hq

Email authentication weak

SPF

v=spf1 mx include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

not published

DKIM

k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

WE1

from 2026-05-16 to 2026-08-14

Expires in 86 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.nexum.com/de

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: camera=(), microphone=(), geolocation=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' *.googleapis.com *.gstatic.com *.google-analytics.com *.googletagmanager.com www.googleadservices.com region1.analytics.google.com static.doubleclick.net stats.g.doubleclick.net www.clarity.ms c.clarity.ms scripts.clarity.ms js-eu1.hsforms.net js.hsforms.net js-eu1.hs-scripts.com js.hs-scripts.com js-eu1.hs-banner.com js.hs-banner.com js-eu1.hscollectedforms.net js.hscollectedforms.net js-eu1.hs-analytics.net js.hs-analytics.net js-eu1.hubspot.com js.hubspot.com snap.licdn.com api-eu1.hubapi.com *.youtube.com *.vimeo.com *.jsdelivr.net unpkg.com *.cloudflare.com vercel.live app.storyblok.com *.cookiebot.com slsntllgnc.com js-eu1.hsadspixel.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com fonts.googleapis.com *.hsforms.net *.hs-scripts.com *.hubspot.com *.clarity.ms; font-src 'self' data: fonts.gstatic.com fonts.googleapis.com a.storyblok.com *.hsforms.net *.hubspot.com *.clarity.ms; img-src 's
strict-transport-security: max-age=31536000; includeSubDomains; preload