volocopter.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-16 · ok HTTP/1.1 200 1613 ms crawled 2026-05-15

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Language: en

Technology

CDN: Vercel
CMS: Next.js

Third-party hosts loaded (2)

cloud.umami.is×1
stream.mux.com×1

Social

Registration

Registrar

Key-Systems GmbH

Created

2011-11-21

Expires

2027-11-21 551 days left

Updated

2026-03-24

Name servers

ns1.domainoffensive.de
ns2.domainoffensive.eu
ns3.domainoffensive.net

DNS records live

NS

ns1.domainoffensive.de
ns2.domainoffensive.eu
ns3.domainoffensive.net

MX

0 volocopter-com.mail.protection.outlook.com

TXT

Show 9 TXT records

apple-domain-verification=krxwJDeOSlSGestY
jetbrains-domain-verification=e1zookwvlecg41tmqgo6cxvbg
miro-verification=4f76973e1f6daf7d95fcc1f330e6121b692f0035
google-site-verification=m3MNllMV1cU40BteTVhZpBCZDY0uC8gmMSTlohAWRYQ
sending_domain1015482=9ab9beec845f5c37d61e127e46c4608b5224519c5453dc1297aceedcc9309442
atlassian-domain-verification=sj5OM5LL9p8DSwmNmCzILYhbeCcOlIuKFYcTBFpnwBqPeX7zIUPu5n7Xbvalzbul
figma-domain-verification=31079b6eb57d3bbc0713ee2b0c7d3d96ca22881863fc2ccc34c8b6d6a5387f48-1727166357
MS=ms37609264
0e7b322e-fb50-47c0-8874-da5a47542260

Email authentication strong

SPF

v=spf1 a mx include:spf.protection.outlook.com ip4:20.23.55.120/32 ip4:4.245.80.80/32 ip4:93.189.156.80/28 include:spf.emailsys.net ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; sp=reject; pct=100; ruf=mailto:dmarcinfo@volocopter.com; rua=mailto:dmarc_agg@vali.email; aspf=r;

policy: reject (enforced) · sp=reject

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2STEZ2MEMHb9byvieZat6s+VxV9ybjwushgiLtbeMlJofVNHsMbMUdLYT7aYX2lHMpETrklRAzJmo8…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvVYQkjaav7jTPm99o4vQeanK7teTTHTa+ceF2Mu5AwJCkDB+Y8WkE37s1VlDF7IpkY465sMaNOqf1tOgC3T…

selectors probed

Certificate (current)

R13

from 2026-03-18 to 2026-06-16

Expires in 28 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.volocopter.com/en

present

strict-transport-security
content-security-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self'; script-src 'self' https://cloud.umami.is 'unsafe-inline' 'unsafe-eval' https://www.youtube.com; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data: https://i.ytimg.com; media-src 'self' https://cdn.sanity.io https://*.mux.com; font-src 'self' data:; object-src 'none'; frame-src https://ir-api.eqs.com/ https://open.spotify.com/ https://www.youtube.com; frame-ancestors https://studio.volocopter.com; connect-src 'self' https:;
strict-transport-security: max-age=63072000

Links to (6)

Linked from (2)

explain.de×2
brw-versicherungen.de×2