indexo.dev

bafin.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 837 ms crawled 2026-05-18

DE · 80.245.145.113 · AS35704 ITZBund

Reputation 100/100

Classifying

HTML metadata

Title
Startseite - Bafin
Description
Die Bafin arbeitet wirksam, entschlossen und mit Weitblick für ein stabiles & faires Finanzsystem, dem Sie vertrauen können.
Language
de
Generator
Government Site Builder
Canonical
https://www.bafin.de/DE/home_node.html

Open Graph

url
https://www.bafin.de/DE/home_node.html
title
Startseite
description
Die Bafin arbeitet wirksam, entschlossen und mit Weitblick für ein stabiles & faires Finanzsystem, dem Sie vertrauen können.

Technology

Server
Apache

Social

Contact

Address
Graurheindorfer Str. 108, 53002, Bonn, DE

Registration

Updated
2022-09-27
Name servers
  • ns0.de.colt.net.
  • ns8.colt.net.

DNS records live

NS
  • ns0.de.colt.net
  • ns8.colt.net
MX
  • 10 mx1.bund.de
  • 10 mx2.bund.de
TXT
  • D-TRUST=2JI3Q4P9VL5PC8F4UDBEBVK
  • apple-domain-verification=m3f0IL9wLEqQOZow
  • MS=BB792901CEB6B878B7FDF667178B7A0670EF136B

Email authentication strong

SPF
v=spf1 include:_spf1.bund.de ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:bafin.de@dmarc.reports.bund.de,mailto:rua@bafin.de; ruf=mailto:ruf@bafin.de; fo=1
policy: quarantine
DKIM
no key found at common selectors

Certificate (current)

D-TRUST BR CA 2-23-1 2023
from 2026-04-04 to 2026-10-19
Expires in 153 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bafin.de/DE/home_node.html

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de *.jsdelivr.net *.frcapi.com; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com *.jsdelivr.net *.frcapi.com; img-src 'self' data: *.google.com *.cdninstagram.com *.gstatic.com *.youtube.com piwik.itzbund.de social.bund.de; connect-src 'self' *.itzbund.de *.dtvp.de; frame-ancestors 'self';
strict-transport-security
max-age=31536000

Links to (5)

Linked from (25)