indexo.dev

bast.de

.de crawl

First seen 2026-04-13 · Last seen 2026-05-18 · ok HTTP/1.1 200 883 ms crawled 2026-05-06

DE · 141.38.3.30 · AS41289 Deutscher Wetterdienst

Reputation 97/100 dmarc monitor-only

Classifying

HTML metadata

Title
Startseite - BASt
Description
Homepage des deutschsprachigen Auftritts
Language
de
Generator
Government Site Builder
Canonical
DE/Home/home_node.html

Open Graph

title
Startseite
description
Homepage des deutschsprachigen Auftritts

Technology

Server
Apache

Contact

Email
Phone
Address
Brüderstraße 53, 51427, Bergisch Gladbach, DE

Registration

Updated
2025-06-25
Name servers
  • dns-1.dfn.de.
  • dns-2.dfn.de.
  • dns-3.dfn.de.
  • dnsisp1.dwd.de.
  • dnsisp2.dwd.de.

DNS records live

NS
  • dns-1.dfn.de
  • dns-2.dfn.de
  • dns-3.dfn.de
  • dnsisp1.dwd.de
  • dnsisp2.dwd.de
MX
  • 10 ofcsgbbm.gbbmvi-wan.de
  • 20 zbcsgbbm.gbbmvi-wan.de
TXT
  • MS=5F7E2C1F697982A6BBAB27E80BE5672E06D8A4A2
  • webexdomainverification.=bcdc8356-b679-465d-b8d5-7db3a507caf7
  • MS=ms30665191

Email authentication strong

SPF
v=spf1 mx ip4:141.38.3.247 ip4:141.38.3.248 ip4:141.38.12.84 ip4:141.38.12.85 ip4:141.38.3.230 ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:reports@report.ofcsgbbm.gbbmdv.bund.de
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R36
from 2025-07-11 to 2026-07-12
Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bast.de/DE/Home/home_node.html

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self';  connect-src 'self' sg.geodatenzentrum.de;   style-src 'self' 'unsafe-inline' *.googleapis.com https://www.youtube-nocookie.com/ https://bast-bis3.almoconsult.de/ sg.geodatenzentrum.de  sgx.geodatenzentrum.de https://www.durabast.de/ https://durabast-preview.service.res.bund.de/;    script-src 'self'  'unsafe-inline' 'unsafe-eval' *.googleapis.com https://www.youtube.com/ https://www.youtube-nocookie.com/ https://bast-bis3.almoconsult.de/ sg.geodatenzentrum.de sgx.geodatenzentrum.de https://www.durabast.de/ https://durabast-preview.service.res.bund.de/ ;  object-src 'self' https://www.youtube-nocookie.com/ https://bast-bis3.almoconsult.de/ sg.geodatenzentrum.de sgx.geodatenzentrum.de https://www.durabast.de/ https://durabast-preview.service.res.bund.de/ ;   media-src 'self' https://www.youtube-nocookie.com/ https://bast-bis3.almoconsult.de/ https://www.youtube.com/ https://www.durabast.de/ https://durabast-preview.service.res.bund.de/ ;   child-src
strict-transport-security
max-age=31536000

Linked from (7)