xcarstens.de

.de crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 7507 ms crawled 2026-05-15

DE · 81.169.145.91 · AS6724 Strato GmbH

Reputation 100/100

Classifying

HTML metadata

Title: Sanitätshaus Carstens in Stuttgart - dein Gesundheitspartner
Description: Sanitätshaus Carstens in Stuttgart: Persönliche Beratung, moderne Hilfsmittel & Rundum-Service für deine Gesundheit & die deiner Angehörigen.
Language: de

Open Graph

title: Sanitätshaus Carstens in Stuttgart - dein Gesundheitspartner
description: Sanitätshaus Carstens in Stuttgart: Persönliche Beratung, moderne Hilfsmittel & Rundum-Service für deine Gesundheit & die deiner Angehörigen.

Technology

Server: railway-edge
CMS: Next.js

Social

Contact

Email

Phone

Registration

Updated

2024-10-25

Name servers

docks11.rzone.de.
shades02.rzone.de.

DNS records live

NS

docks11.rzone.de
shades02.rzone.de

MX

20 mx01.hornetsecurity.com
20 mx02.hornetsecurity.com
200 mx03.hornetsecurity.com
200 mx04.hornetsecurity.com

TXT

MS=ms81565150
google-site-verification=MZJy0Qq967s5G1hJtloLTNKl-93x3kSS3_U585_VBOk

Email authentication strong

SPF

v=spf1 mx a:mx01.luttermann.de ip4:94.130.131.91 ip4:94.130.69.101 ip4:62.214.154.208/28 include:_spf.strato.com include:spf-de.emailsignatures365.com include:spf.hornetsecurity.com include:spf.protection.outlook.com include:sendgrid.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; ruf=mailto:postmaster@sanitaetshaus-carstens.de;

policy: reject (enforced)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN4lXxwYTLeJHmD9mCujFWztwxDn2dTp0OGd7qT4cvQLthXQJtuaclzQuCXSNX36RDNzNg1cwjeqw7p6in…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2U+DKl6//qLkV7nFdNTH97StoWqFGT3wmBRA39JFZJlUtOgiFoWfehmlojFeOk8JTsH+Nj+FuJ1VuyVl/5…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2026-01-22 to 2027-01-30

Expires in 255 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.xcarstens.de/

present

content-security-policy
x-content-type-options
referrer-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdn.tailwindcss.com https://auxilium.eu.auth0.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://cdn.tailwindcss.com https://auxilium.eu.auth0.com; img-src 'self' data: https:; font-src 'self' data: https://cdn.tailwindcss.com; connect-src 'self' https: https://auxilium.eu.auth0.com; frame-src 'self' https://bot.resilo.online https://platform.resilo.ai https://widgetblob.blob.core.windows.net https://www.google.com/maps; object-src 'none'; frame-ancestors 'self' https://up-monitoring-app-production.up.railway.app https://monitoring.updesignstudio.de http://localhost:* https://cms.auxiliumgruppe.online https://directus-directus-testing.up.railway.app; base-uri 'self';

Links to (6)

Linked from (1)

bbu01.com×2