bkm.de

.de crawl

First seen 2026-05-08 · Last seen 2026-05-15 · ok HTTP/1.1 200 1956 ms crawled 2026-05-15

DE · 167.235.236.38 · AS24940 Hetzner Online GmbH

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Sicherheit für deine finanzielle Zukunft | Bausparkasse Mainz
Description: Ob Baufinanzierung, Bausparen oder Immobilienkauf. Wo du auch im Leben stehst: Mit uns erreichst du deine Ziele für deine finanzielle Zukunft.
Language: de
Generator: Concrete CMS
Canonical: https://www.bkm.de/

Open Graph

url: https://www.bkm.de/
title: Startseite
locale: de_DE
site name: Bausparkasse Mainz

Technology

Server: Apache

Third-party hosts loaded (2)

consent.cookiefirst.com×1
www.whofinance.de×1

Social

Contact

Phone

06131 303-500

Address

Kantstraße 1, 55122, Mainz, DE

Registration

Updated

2019-08-19

Name servers

a.ns.ecotel.net.
b.ns.ecotel.net.
c.ns.ecotel.net.

DNS records live

NS

a.ns.ecotel.net
b.ns.ecotel.net
c.ns.ecotel.net

MX

10 mail.bkm.de
20 mail2.bkm.de
30 mail3.bkm.de

TXT

DJ2E61Bor+K1Hmf0wQH8rr6XlCeYL8/PVYf5O49uSR6eH3WCuoTqy02itAMEoUdV9RDfaENQzOm/9IT4Q5fSjA==
mindmanager-verification=22c670b196b60cc7e46fcb0fa678cbf62ce2c3d1be9211a1606bb45f6f2acf48

Verified for

Apple
Brevo
Microsoft 365

Email authentication partial

SPF

v=spf1 mx a ip4:195.52.9.8 ip4:195.52.9.5 ip4:195.52.9.141 ip4:195.52.9.142 ip4:195.52.245.141 ip4:195.52.245.142 include:nl2go.com include:spf.sendinblue.com include:spf.sosafe.de include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:re+dvds1fbfgyb@dmarc.postmarkapp.com; sp=none; aspf=r;

policy: none (monitoring only) · sp=none

DKIM

mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

R13

from 2026-05-10 to 2026-08-08

Expires in 79 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bkm.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
weak frame protection
missing Permissions Policy

Header values

referrer-policy: origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https://www.bkm.de https://bkm.managehub.de https://bkm.managedpark.de ; style-src 'self' 'unsafe-inline' https://www.whofinance.de https://consent-eu.cookiefirst.com https://media-static.immowelt.org https://homepagemodul.immowelt.de https://sibforms.com https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://www.googletagmanager.com ; img-src 'self' data: https://www.google.com https://www.google.de https://googleads.g.doubleclick.net https://www.whofinance.de https://consent.cookiefirst.com https://media-static.immowelt.org https://ms.immowelt.org https://img.mailinblue.com https://www.googletagmanager.com https://pagead2.googlesyndication.com https://www.googleadservices.com https://google.com https://www.google.de https://ad.doubleclick.net https://ade.googlesyndication.com https://googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://fincrm-uploads.s3.eu-central-1.amazonaw
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (4)

Linked from (1)

bennysgrafikstudio.de×1