rapunzel.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 2279 ms crawled 2026-05-19

DE · 185.215.158.240 · AS15817 Mittwald CM Service GmbH & Co. KG

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: RAPUNZEL NATURKOST - Wir machen Bio aus Liebe
Description: Rapunzel Naturkost – Hersteller und Anbieter für Bio-Lebensmittel, Bio-Rezepte und Bio-Produkte in ausgezeichneter Qualität – fair gehandelt seit 1974.
Language: de-de
Generator: TYPO3 CMS
Canonical: https://www.rapunzel.de/

Technology

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (4)

app.usercentrics.eu×3
privacy-proxy.usercentrics.eu×3
api.usercentrics.eu×1
www.googletagmanager.com×1

Social

Registration

Updated

2026-03-26

Name servers

a.ns14.net.
b.ns14.net.
c.ns14.net.
d.ns14.net.

DNS records live

NS

a.ns14.net
b.ns14.net
c.ns14.net
d.ns14.net

MX

0 rapunzel-de.mail.protection.outlook.com

TXT

atlassian-sending-domain-verification=a47aaf37-4ac7-43c2-94a4-e5020f9ca3fe
domainVerification=c8792530-4b8b-4aee-ad12-7cf4218115e0

Verified for

Apple
Atlassian
GlobalSign
Microsoft
Microsoft 365
TeamViewer

Email authentication partial

SPF

v=spf1 ip4:194.6.208.109 ip4:80.149.215.214 ip4:20.50.178.65 ip4:212.211.163.198 ip4:212.211.132.232 ip6:2a00:f48:1008::208:109:10 include:_spf.zimpel.de include:spf.protection.outlook.com include:spf-de.emailsignatures365.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc-reports-rua@rapunzel.de; ruf=mailto:dmarc-reports-ruf@rapunzel.de; fo=1; adkim=r; aspf=r

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSTIVDIV5e1vRF4sTwpGOM1HPh0cByWkM64yZIcmvBdBCKvJ3aDaU4zEfBHkpq254LWNvj04Yudk2k…

selectors probed

Certificate (current)

R13

from 2026-04-14 to 2026-07-13

Expires in 53 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.rapunzel.de/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' 'nonce-PDQTeHy5Hae2d8iqYMlG7kDmJBrmc05cliVJabtg05lkJiYRGTGk2g' data: https://*.openstreetmap.org 'unsafe-inline' https://*.nootiz.com 'unsafe-eval' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.openstreetmap.org https://www.googletagmanager.com/a https://www.googletagmanager.com https://www.europarl.europa.eu https://pics.mepwatch.eu picsum.photos *.picsum.photos cdn.rapunzel.lights-on.tech *.openstreetmap.org https://*.usercentrics.eu https://*.rapunzel.de; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https://load.nootiz.com *.6bf887ac.sibforms.com https://6bf887ac.sibforms.com; connect-src 'self' data: https://*.openstreetmap.org *.api.nootiz.com https://api.nootiz.com *.nootiz.s3.eu-central-1.amazonaws.com https://www.googletagmanager.com/td https://country.proca.foundation https://widget.proca.app https://api.proca.app https:
strict-transport-security: max-age=31536000; includeSubDomains