oesa.de

.de crawl

First seen 2026-04-14 · Last seen 2026-05-17 · ok HTTP/1.1 200 5761 ms crawled 2026-05-08

DE · 52.58.237.66 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Startseite | ÖSA
Description: ✓ Ihr Versicherer in Sachsen-Anhalt ✓ Wir bieten Ihnen Sicherheit und Schutz in allen Lebenslagen ✓ Umfangreiches Angebot
Language: de
Canonical: https://www.oesa.de/de

Technology

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (2)

web.cmp.usercentrics.eu×1
www.googletagmanager.com×1

Social

Contact

Email

Phone

493917367367

Address

Am Alten Theater 7, 39104, Magdeburg, DE

Registration

Updated

2012-03-07

Name servers

ns.htp-tel.de.
ns.ivv.de.

DNS records live

NS

ns.htp-tel.de
ns.ivv.de

MX

10 mx.ivv.de

TXT

Show 8 TXT records

google-site-verification=K0Zz2kiFQcF9bQyOBleEOF0vBdVBk-J-Qlw8RulKLDI
adobe-idp-site-verification=85301b59fa807c2a11a420742d6eb06172266112b755f5ffae063b94d94f2d2b
google-site-verification=pcTDdMF09nB7GUzAT8X6KF0ANecfeH0HiEZWLybIqQQ
swisssign-check=x-7M7IY1IwteusSGDLtGQ0p6vNQ
MS=ms26195947
cisco-ci-domain-verification=1ab158548550cf54918d76bf396f5aa9afa0aebd28d42d549f1f7770e8580096
zone-ownership-verification-e03bc92c96f8f298fb9c9f7bc32e64f339a9100f60f087ed6ff018c46f75f3c0
QuoVadis=f36f73aa-88d9-4e09-92f1-49818db05d7c

Email authentication weak

SPF: v=spf1 ip4:81.14.148.0/24 ip4:193.111.216.0/22 mx include:oev.de ?all
neutral (?all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

from 2026-03-25 to 2026-06-24

Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.oesa.de/de

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=*, gyroscope=(), keyboard-map=(self), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: font-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.gstatic.com data:; default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://chatbot.vgh-1.c-w.de https://web.cmp.usercentrics.eu https://gtm.oesa.de https://maps.googleapis.com https://api.eu1.exponea.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://hochwassercheck.dieversicherer.de; connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://consent-api.service.consent.usercentrics.eu https://v1.api.service.cmp.usercentrics.eu https://gtm.oesa.de https://search.vgh-1.c-w.de https://maps.googleapis.com https://graphql.usercentrics.eu wss://chatbot-backend.vgh-1.c-w.de https://fonts.gstatic.com https://api.eu1.exponea.com https://ms-website-prod.ivv.de https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.