thebarn.io

.io crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 6861 ms crawled 2026-05-15

NL · 13.69.68.62 · AS8075 Microsoft Corporation

Reputation 100/100

sector tech type homepage

HTML metadata

Title: theBarn – a circular economy accelerator powered by Südzucker Group
Description: A foodtech, agritech and bio-economy accelerator for creating sustainable impact in the circular economy.
Language: en-US
Canonical: https://www.thebarn.io/

Open Graph

url: https://www.thebarn.io/
title: theBarn – a circular economy accelerator powered by Südzucker Group
locale: en
site name: theBarn
description: A foodtech, agritech and bio-economy accelerator for creating sustainable impact in the circular economy.
locale:alternate: en

Technology

Server: nginx

Social

DNS records live

NS

ns10.managed-ip.com
ns11.managed-ip.info
ns12.managed-ip.info
ns9.managed-ip.com

TXT

864F768B07083750A3797F967326782E2D4C3C53F67AF47EE358E0BC8B958F05
3ki8el0aprbuifland0737pvd0

Email authentication no MX

SPF: v=spf1 -all
strict (-all)
DMARC: v=DMARC1; p=reject; rua=mailto:6368fb8e2e783@ag.eu.dmarcly.com; ruf=mailto:6368fb8e2e783@fo.eu.dmarcly.com; sp=reject; fo=0;
policy: reject (enforced) · sp=reject
DKIM: no key found at common selectors

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-03-01 to 2026-09-02

Expires in 105 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.thebarn.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: same-origin, no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; script-src 'self' https://cdn.matomo.cloud https://consent.cookiebot.com/ https://consentcdn.cookiebot.com/ https://suedzuckergroup.matomo.cloud/ https://app.usercentrics.eu/ https://img.usercentrics.eu/ https://api.usercentrics.eu/ https://matomo.suedzuckergroup.com/ https://web.cmp.usercentrics.eu/ https://snap.licdn.com/ https://www.googletagmanager.com/ https://v1.api.service.cmp.usercentrics.eu/ https://googleads.g.doubleclick.net/ 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: 'unsafe-eval' https://imgsct.cookiebot.com/ https://px.ads.linkedin.com/ https://www.google.com/ https://www.google.de/; connect-src 'self' https://consentcdn.cookiebot.com https://suedzuckergroup.matomo.cloud/ https://api.friendlycaptcha.com/ https://matomo.suedzuckergroup.com/ https://app.usercentrics.eu/ https://img.usercentrics.eu/ https://api.usercentrics.eu/ https://graphql.usercentrics.eu/ https://snap.licdn.com/ https://px.ad
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always

Links to (7)

Linked from (1)

suedzucker.com×2