oevb.de

.de crawl

First seen 2026-04-15 · Last seen 2026-05-15 · ok HTTP/1.1 200 1366 ms crawled 2026-05-10

DE · 3.64.78.150 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

sector finance type homepage

HTML metadata

Title: ÖVB Versicherungen aus Bremen | ÖVB
Description: ÖVB: Fair versichert seit über 90 Jahren. Wir bieten Ihnen Sicherheit und Schutz in allen Lebenslagen. Informieren Sie sich jetzt über unser Angebot.
Language: de
Canonical: https://www.oevb.de/de

Technology

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (2)

web.cmp.usercentrics.eu×1
www.googletagmanager.com×1

Social

Contact

Email

Phone

+498003043600

Address

Martinistr. 30, 28195, Bremen, DE

Registration

Updated

2014-03-24

Name servers

ns.htp-tel.de.
ns.ivv.de.

DNS records live

NS

ns.htp-tel.de
ns.ivv.de

MX

10 mx.ivv.de

TXT

Show 5 TXT records

QuoVadis=83a3f34a-d816-4e78-ae3d-88da665fdbb4
google-site-verification=Kq6V5Tp9pCuTxLdqrPPETG3gc9Sx0WWJFSYUhLzIHA4
swisssign-check=tQ9r8iOI3qO_vaXEu1I85FYkqA4
MS=ms94906825
adobe-idp-site-verification=85301b59fa807c2a11a420742d6eb06172266112b755f5ffae063b94d94f2d2b

Email authentication weak

SPF: v=spf1 ip4:81.14.148.0/24 ip4:193.111.216.0/22 mx include:oev.de ?all
neutral (?all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

from 2026-03-25 to 2026-06-24

Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.oevb.de/de

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=*, gyroscope=(), keyboard-map=(self), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: font-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.gstatic.com data:; default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://chatbot.vgh-1.c-w.de https://web.cmp.usercentrics.eu https://gtm.oevb.de https://maps.googleapis.com https://api.eu1.exponea.com https://region1.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net; connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://consent-api.service.consent.usercentrics.eu https://v1.api.service.cmp.usercentrics.eu https://gtm.oevb.de https://search.vgh-1.c-w.de https://maps.googleapis.com https://graphql.usercentrics.eu wss://chatbot-backend.vgh-1.c-w.de https://fonts.gstatic.com https://api.eu1.exponea.com https://ms-website-prod.ivv.de https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com h