schloss-gessenberg.de

.de crawl

First seen 2026-04-22 · Last seen 2026-05-12 · ok HTTP/1.1 200 2677 ms crawled 2026-05-16

FR · 92.205.213.144 · AS21499 Host Europe GmbH

Reputation 100/100

Classifying

HTML metadata

Title

Schloss Gessenberg

Language

Canonical

https://schloss-gessenberg.de/

Feeds

Technology

Server: nginx
CMS: WordPress

Third-party hosts loaded (1)

gmpg.org×1

Contact

Email

info@schloss-gessenberg.de

Phone

Registration

Updated

2023-07-01

Name servers

ns19.domaincontrol.com.
ns20.domaincontrol.com.

DNS records live

NS

ns19.domaincontrol.com
ns20.domaincontrol.com

MX

100 mxlb.ispgateway.de

Email authentication strong

SPF: v=spf1 mx a include:ispgateway.de ~all
softfail (~all)
DMARC: v=DMARC1; p=quarantine
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

Starfield Secure Certificate Authority - G2

from 2025-05-05 to 2026-05-28

Expires in 8 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://schloss-gessenberg.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), camera=(), microphone=(self), payment=(self), usb=(), bluetooth=(), fullscreen=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.smoobu.com https://*.smoobu.net https://*.cloudflare.com https://*.stripe.com; connect-src 'self' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.smoobu.com https://*.smoobu.net https://*.cloudflare.com https://*.stripe.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.smoobu.com https://*.smoobu.net https://*.cloudflare.com https://*.stripe.com; font-src 'self' data:; frame-src 'self' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.smoobu.com https://*.smoobu.net https://*.cloudflare.com https://*.stripe.com; child-src 'self'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none; report-to='default'
cross-origin-resource-policy: cross-origin

Links to (1)

graphicfactory.de×2

Linked from (1)

graphicfactory.de×2