bfu-web.de

HTML metadata

Technology

Server

Apache

Contact

Email

• box@bfu-web.de

Registration

Updated

2017-06-19

Name servers

• dns-3.dfn.de.
• dnsisp1.dwd.de.
• dnsisp2.dwd.de.

DNS records live

NS

• dns-3.dfn.de
• dnsisp1.dwd.de
• dnsisp2.dwd.de

MX

• 10 ofcsgbbm.gbbmvi-wan.de
• 20 zbcsgbbm.gbbmvi-wan.de

Verified for

• Cisco

Email authentication partial

SPF

v=spf1 mx ip4:141.38.3.247 ip4:141.38.3.248 ip4:141.38.12.84 ip4:141.38.12.85 ip4:141.38.3.230 ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:reports@report.ofcsgbbm.gbbmdv.bund.de

policy: none (monitoring only)

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bfu-web.de/DE/Home/home_node.html

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing Permissions Policy

Links to (9)

• www.gov.uk×1
• lba.de×1
• fallschirmsportverband.de×1
• europa.eu×1
• dulv.de×1
• dfsv.de×1
• dfs.de×1
• daec.de×1
• bund.de×1

Linked from (1)

• gdf.de×1