volmary-garten.de

HTML metadata

Technology

CMS

Joomla

Analytics

• Google Tag Manager

Cookie consent

• Usercentrics

Third-party hosts loaded (4)

• app.usercentrics.eu×1
• privacy-proxy.usercentrics.eu×1
• static.elfsight.com×1
• www.googletagmanager.com×1

Social

• instagram
• facebook
• youtube
• linkedin
• tiktok

Registration

Updated

2021-01-15

Name servers

• ns67.domaincontrol.com.
• ns68.domaincontrol.com.

DNS records live

NS

• ns67.domaincontrol.com
• ns68.domaincontrol.com

MX

• 50 mx0.volmary-garten.de

TXT

• google-site-verification=XLTM_fKjfO5GT7zjTN7iZQdJKuZonX64Wcaw4bo8syQ

Email authentication partial

SPF

v=spf1 a mx include:spf.server-he.de -all

strict (-all)

DMARC

not published

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN2WV0eIaUzR+9xRF62ITpt+h0MABH0WvPL2PPEqXhkfdGi391/ALLbnmOL9Rix8Tj4rHZWm/xa3SVgb0m…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UeT9wUXPFamzLUoYPOZHgI5rQyrTpSebrlXDUg1RT+szOEXRrPmF19mvBrHOMfYUmOdQcY5gC+3N/DiIi…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.volmary-garten.de/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources

Links to (10)

• christrose-wintersun.de×1
• europa.eu×1
• facebook.com×1
• instagram.com×1
• linkedin.com×1
• pinterest.de×1
• tiktok.com×1
• trustedshops.de×1
• volmary.com×1
• youtube.com×1

Linked from (1)

• volmary.com×2