virion.de

.de crawl

First seen 2026-04-14 · Last seen 2026-05-07 · ok HTTP/1.1 200 684 ms crawled 2026-05-07

DE · 88.198.107.142 · AS24940 Hetzner Online GmbH

Reputation 100/100

Classifying

HTML metadata

Title

Virion GmbH

Language

de-DE

Generator

TYPO3 CMS

Canonical

https://www.virion.de/de/

Translations

de-de
en-us

Technology

Server: nginx

Social

Contact

Phone

Registration

Updated

2021-11-30

Name servers

ns.ext-dc.com.
ns.ext-dc.de.
ns.ext-dc.net.

DNS records live

NS

ns.ext-dc.com
ns.ext-dc.de
ns.ext-dc.net

MX

10 mail01.phoenixgroup.eu
10 mail02.phoenixgroup.eu
10 mail03.phoenixgroup.eu
10 mail04.phoenixgroup.eu

TXT

MS=ms75411231

Email authentication strong

SPF: v=spf1 include:_u.virion.de._spf.smart.ondmarc.com ~all
softfail (~all)
DMARC: v=DMARC1; p=reject; pct=100; sp=reject; rua=mailto:3fb658a1@inbox.eu.redsift.cloud; ruf=mailto:3fb658a1@inbox.eu.redsift.cloud; adkim=r; aspf=r; fo=1; rf=afrf; ri=3600
policy: reject (enforced) · sp=reject
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-09-02 to 2026-10-04

Expires in 137 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.virion.de/de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.google-analytics.com; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com static.dvinci-easy.com; img-src 'self' data: *.cookiebot.com *.gstatic.com translate.google.com www.googletagmanager.com *.google-analytics.com googleapis.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googleapis.com www.googletagmanager.com googleapis.com *.cookiebot.com blob:; style-src 'self' 'unsafe-inline' hvs.wortundbildverlag.de *.google-analytics.com www.googletagmanager.com googleapis.com *.googleapis.com; manifest-src 'self'; connect-src 'self' *.google-analytics.com; script-src-elem 'self' 'unsafe-inline' googleapis.com *.googleapis.com *.cookiebot.com *.google-analytics.com www.googletagmanager.com blob:; style-src-attr 'self' 'unsafe-inline' *.google-analytics.com www.googletagmanager.com; frame-src 'self' www.googletagmanager.com *.cookiebot.com player.vimeo.com
strict-transport-security: max-age=31536000

Links to (4)

Linked from (1)

phoenixgroup.eu×2