indexo.dev

baxi-online.de

.de crawl

First seen 2026-05-03 · Last seen 2026-05-10 · ok HTTP/1.1 200 989 ms crawled 2026-05-10

DE · 85.215.105.253 · AS8560 IONOS SE

Reputation 89/100 weak security headers dmarc monitor-only

sector tech type homepage

HTML metadata

Title
BAXI Online Buchung

Technology

Server
Apache

Registration

Updated
2024-03-30
Name servers
  • a.ns14.net.
  • b.ns14.net.
  • c.ns14.net.
  • d.ns14.net.

DNS records live

NS
  • a.ns14.net
  • b.ns14.net
  • c.ns14.net
  • d.ns14.net
MX
  • 10 toraiss.de

Email authentication partial

SPF
v=spf1 +a +mx IP4:85.215.105.253 ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:tomaschek@schwarzer-reisen.de; ruf=mailto:tomaschek@schwarzer-reisen.de; fo=1
policy: none (monitoring only)
DKIM
  • default: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWKZ28o8ObB4ixi75V3vipCZ/Gl63w6jB3xOYIWTADJQdI4Ts2i6pD09VGMB2A6XENEuGS6tWbUZuiKpCIwUd…
selectors probed

Certificate (current)

R12
from 2026-04-25 to 2026-07-24
Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.baxi-online.de/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'

Links to (3)

Linked from (1)