indexo.dev

sprehe.de

.de crawl

First seen 2026-04-17 · Last seen 2026-05-14 · ok HTTP/1.1 200 1222 ms crawled 2026-05-12

DE · 217.154.76.49 · AS8560 IONOS SE

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Home - Sprehe Gruppe
Language
de
Canonical
https://www.sprehe.de/de

Open Graph

url
https://www.sprehe.de/de
title
Home
locale
de
site name
Home

Technology

Server
nginx
CMS
Gatsby

Registration

Updated
2025-07-16
Name servers
  • ns.ui-global-dns.biz.
  • ns.ui-global-dns.com.
  • ns.ui-global-dns.de.
  • ns.ui-global-dns.org.

DNS records live

NS
  • ns.ui-global-dns.biz
  • ns.ui-global-dns.com
  • ns.ui-global-dns.de
  • ns.ui-global-dns.org
MX
Show 7 MX records
  • 10 mx01.hornetsecurity.com
  • 20 mx02.hornetsecurity.com
  • 30 mx03.hornetsecurity.com
  • 40 mx04.hornetsecurity.com
  • 5 mx14a.antispameurope.com
  • 7 mx14c.antispameurope.com
  • 8 mx14d.antispameurope.com
TXT
Show 6 TXT records
  • google-site-verification=tYPMlTKYtDeY8dK78eZLWdCT9PmhFa7OM07RPWG9c2M
  • cidf0u2r61nt2nsheialqjs4vu
  • _da1tr0ufp2s5fulhoppf7mw5nh2abtd
  • hdjpprgc5tvjlj98mjt4s7v0y3lj2y8b
  • MS=512F35829C0188833FE276E36B781B5B096EE70D
  • brevo-code:95f31466fb21111bb49cf840cf8fcb6c

Email authentication partial

SPF
v=spf1 a mx include:spf.avency.de include:spf.de.umantis.com include:spf.hornetsecurity.com ip4:193.37.149.88 ip4:91.249.145.245 ip4:91.249.145.244 a:mail01.de.umantis.com a:mail02.de.umantis.com a:mail03.de.umantis.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:DMARC-rua@sprehe.de ; ruf=mailto:DMARC-ruf@sprehe.de; pct=100; adkim=r; aspf=r
policy: none (monitoring only)
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

R13
from 2026-03-12 to 2026-06-10
Expires in 22 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.sprehe.de/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' videos.avency.de fast.fonts.net fonts.googleapis.com fonts.gstatic.com *.cookiebot.com *.etracker.de *.etracker.com www.sprehe.de;

Links to (9)

Linked from (11)