spreequell.de

HTML metadata

Title: Spreequell
Description: Wir sind ein Berliner Unternehmen für die Herstellung von naturreinem Mineralwasser und Erfrischungsgetränken. Unsere Produkte sind regional und klimaneutral.
Language: de-DE
Generator: TYPO3 CMS
Canonical: https://www.spreequell.de

Open Graph

title: Spreequell Mineralwasser | Das Beste von uns
image:url: https://www.spreequell.de/fileadmin/data/startseite/og-spreequell-startseite-mineralwasser_twitter_800x418.jpg
description: Unser naturreines Mineralwasser erfrischt einfach Jeden. Mit verschiedenen Glasflaschen haben wir sicher auch das Richtige für Dich dabei.

Technology

Cookie consent

Usercentrics

Third-party hosts loaded (3)

web.eu1.cmp.usercentrics.eu×2
api.usercentrics.eu×1
web.cmp.usercentrics.eu×1

Social

Registration

Updated

2018-04-03

Name servers

dns10.nethinks.com.
dns9.nethinks.com.

DNS records live

NS

dns10.nethinks.com
dns9.nethinks.com

MX

10 mx01.hornetsecurity.com
20 mx02.hornetsecurity.com
30 mx03.hornetsecurity.com
40 mx04.hornetsecurity.com

TXT

atlassian-domain-verification=ZEjN6X860ZtVOFBFn17bdjbzhV5Wx4eTJC/zkaJUzBBpP/tXVl9n4YexuNdmhj4m
MS=ms77087992

Email authentication strong

SPF

v=spf1 ip4:212.218.193.6 ip4:212.218.193.65 a mx ip4:62.159.55.194 ip4:62.159.55.195 ip4:62.159.55.196 ip4:62.159.55.197 ip4:77.246.123.74 ip4:62.75.180.126 ip4:212.53.215.89 include:spf.dcpserver.de include:spf.protection.outlook.com include:spf.hornetsecurity.com -all

strict (-all)

DMARC

v=DMARC1;p=reject;sp=none;adkim=r;aspf=r;pct=100;fo=0;rf=afrf;ri=86400;rua=mailto:dmarcreports@rhoensprudel-gruppe.de

policy: reject (enforced) · sp=none

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8nanLf3wTORobXhQjXaE9e0rqV8VSiZzVLHtDvLzraG2v7JX76Osfj56yfAWSnPEXjCtmaV6LmnG0…

selectors probed

Certificate (current)

R12

from 2026-03-20 to 2026-06-18

Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.spreequell.de

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=*, camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=*, geolocation=*, gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), unload=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'nonce-B1qmsjwoqLWiB6UDuHIPqNrNubK5dezi3F0yGfQcBz_1oPq6ZCHt9g' 'strict-dynamic' https://*.usercentrics.eu https://*.cookiebot.eu https://*.facebook.net https://*.licdn.com https://plugins.flockler.com https://*.vimeocdn.com https://*.gstatic.com https://analytics.rhoensprudel-gruppe.de 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.usercentrics.eu https://*.linkedin.com https://*.facebook.com https://*.flockler.com https://social-proxy.flocklr.com https://*.fbcdn.net https://*.cdninstagram.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https://*.cookiebot.eu *.frcapi.com https://media-api.flockler.com/ https://shop.spreequell.de/; style-src-elem 'unsafe-inline' 'self' 'report-sample'; connect-src 'self' https://*.usercentrics.eu https://*.cookiebot.eu https://*.linkedin.com https://api.flockler.app https://stats-api.flockler.app http
strict-transport-security: max-age=31536000;includeSubdomains