indexo.dev

bkk-bayern.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 979 ms crawled 2026-05-19

DE · 195.201.1.119 · AS24940 Hetzner Online GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Startseite
Description
Der BKK Landesverband Bayern ist die Dachorganisation für alle Betriebskrankenkassen mit Hauptsitz in Bayern.
Language
de
Generator
TYPO3 CMS
Canonical
https://www.bkk-bayern.de/

Open Graph

title
BKK Landesverband Bayern
image:url
https://www.bkk-bayern.de/fileadmin/media/bkk-bayern/00_Startseite/Header_Slider/og_img_f9photos_iStock-1226069511_2560x1280.jpg
description
Der BKK Landesverband Bayern ist die Dachorganisation für alle Betriebskrankenkassen mit Hauptsitz in Bayern.

Technology

Server
Apache
Fonts
  • Adobe Fonts

Third-party hosts loaded (3)

  • use.typekit.net×1
  • www.bitv-widget.de×1
  • www.google.com×1

Social

Contact

Phone

Registration

Updated
2024-02-07
Name servers
  • nsa5.schlundtech.de.
  • nsb5.schlundtech.de.
  • nsc5.schlundtech.de.
  • nsd5.schlundtech.de.

DNS records live

NS
  • nsa5.schlundtech.de
  • nsb5.schlundtech.de
  • nsc5.schlundtech.de
  • nsd5.schlundtech.de
MX
  • 10 mail.bkk-lv-bayern.de
TXT
  • 5m3k4f7fxt7qmqb01yh5k5nq245crhxw

Email authentication weak

SPF
v=spf1 mx ip4:62.245.200.27 ip4:195.201.1.119 ip6:2001:a60:a0ae:0:62:245:200:27 -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Encryption Everywhere DV TLS CA - G2
from 2025-08-25 to 2026-08-25
Expires in 97 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bkk-bayern.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak content type protection
Header values
referrer-policy
strict-origin
x-frame-options
SAMEORIGIN
permissions-policy
display-capture=(), geolocation=(), microphone=(), midi=(), payment=(), usb=()
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' *.dsg1.de https://www.bitv-widget.de/ *.bkk-bayern.de *.google.com *.gstatic.com *.twitter.com *.youtube.com *.youtube-nocookie.com *.youtube-nocookies.com *.gwq-serviceplus.de; style-src 'report-sample' 'self' 'unsafe-inline' *.dsg1.de https://www.bitv-widget.de/ *.adobe.com *.typekit.com *.typekit.net *.google.com *.gstatic.com *.twitter.com *.gwq-serviceplus.de; object-src 'none'; base-uri 'self'; connect-src 'self' *.bkk-bayern.de *.google.com *.gstatic.com *.googleapis.com *.youtube.com *.youtube-nocookie.com *.youtube-nocookies.com *.vimeo.com *.vimeocdn.com *.twitter.com *.gwq-serviceplus.de; font-src 'self' data: *.typekit.net *.twitter.com *.myfonts.com; frame-src 'self' *.google.com *.gstatic.com *.googleapis.com *.youtube.com *.youtube-nocookie.com *.youtube-nocookies.com *.vimeo.com *.vimeocdn.com *.twitter.com *.gwq-serviceplus.de; frame-ancestors 'self'; img-src 'self' data: *.youtube.com
strict-transport-security
max-age=31536000

Links to (19)

Linked from (1)