indexo.dev

nizoral.at

.at crawl

First seen 2026-05-29 · Last seen 2026-05-31 · ok HTTP/1.1 200 879 ms crawled 2026-05-31

NL · 98.64.90.203 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Nizoral® von STADA: Effektiv gegen die Ursache von Schuppen | Nizoral
Description
Schuppige, juckende und gerötete Kopfhaut? Nizoral® mit dem Wirkstoff Ketoconazol 2% behandelt die Ursache von Schuppen.
Language
de-AT
Canonical
https://www.nizoral.at/

Open Graph

url
https://www.nizoral.at/
title
Nizoral® von STADA: Effektiv gegen die Ursache von Schuppen | Nizoral
site name
Nizoral
description
Schuppige, juckende und gerötete Kopfhaut? Nizoral® mit dem Wirkstoff Ketoconazol 2% behandelt die Ursache von Schuppen.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • smart.styria-digital.com×1
  • www.googletagmanager.com×1

Contact

Phone

DNS records live

NS
  • ns1.opportunity.de
  • ns2.opportunity.de
  • ns3.opportunity.de
TXT
  • tSn+2FPnH5G0HvwNaxuRyt58B0jGv20yT2Ujb2hp0ZA=
  • byz87YdlrPfgn+l9EmxIP1Ma/x0upRPjdbvvyYM8NqE=
Verified for
  • GlobalSign

Email authentication no MX

SPF
v=spf1 -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100; fo=1; ri=3600; rua=mailto:9b1c90e3@inbox.ondmarc.com; ruf=mailto:9b1c90e3@inbox.ondmarc.com;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-18 to 2026-07-17
Expires in 46 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.nizoral.at/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src 'self' use.typekit.net; frame-src 'self' *.google.com *.youtube.com *.youtube-nocookie.com *.facebook.com *.fls.doubleclick.net *.cookiebot.com; img-src 'self' *.juicer.io dashboard.umbraco.org *.usercentrics.eu *.google-analytics.com *.google.com *.google.co.uk maps.gstatic.com maps.googleapis.com *.facebook.com *.styria-digital.com *.cookiebot.com data:; media-src *; object-src *; script-src 'self' ajax.aspnetcdn.com *.usercentrics.eu maps.googleapis.com *.googletagmanager.com *.google-analytics.com *.youtube.com *.googleadservices.com googleads.g.doubleclick.net *.google.com *.gstatic.com stats.motioncreator.net ajax.googleapis.com connect.facebook.net s2.adform.net track.adform.net matomo614699.activartlab.com *.cookiebot.com 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; manifest-src 'self';
strict-transport-security
max-age=31536000; preload

Links to (1)

Linked from (1)