indexo.dev

bpa-mitarbeitervorteile.de

.de crawl

First seen 2026-04-13 · Last seen 2026-05-20 · ok HTTP/1.1 200 1032 ms crawled 2026-05-07

DE · 159.89.213.80 · AS14061 DigitalOcean, LLC

Reputation 92/100 no dmarc policy

sector nonprofit type homepage

HTML metadata

Title
Bundesverband privater Anbieter sozialer Dienste e.V.
Language
de

Technology

Server
unknown
Third-party hosts loaded (8)
  • cdnjs.cloudflare.com×4
  • ajax.googleapis.com×3
  • static.colectivosvip.com×3
  • cdn.jsdelivr.net×2
  • unpkg.com×2
  • code.jquery.com×1
  • static.vipdistrict.com×1
  • www.google.com×1

Registration

Updated
2026-02-17
Name servers
  • a.ns14.net.
  • b.ns14.net.
  • c.ns14.net.
  • d.ns14.net.

DNS records live

NS
  • a.ns14.net
  • b.ns14.net
  • c.ns14.net
  • d.ns14.net
MX
  • 10 mail.bpa-mitarbeitervorteile.de
TXT
  • zst5fypsty21q4jhvs36szr32g2s5js6

Email authentication partial

SPF
v=spf1 +a +mx +a:mivo01.nmmn.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

E8
from 2026-02-25 to 2026-05-26
Expires in 5 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://bpa-mitarbeitervorteile.de/login-input.action

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=()
x-content-type-options
nosniff
content-security-policy
default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'; script-src 'unsafe-inline' 'unsafe-eval' 'self' bpa-mitarbeitervorteile.de bpa-mitarbeitervorteile.de *.bpa-mitarbeitervorteile.de *.colectivosvip.com *.vipdistrict.com *.epassi.com *.myvipperks.com *.clubevantagem.com *.colaboradoresvip.com *.vipdistrict.de *.diverclick.es *.empleadosvip.com *.ventajasvip.com *.convenzioniperte.com *.mitarbeitervorteile.de www.clarity.ms a.cstmapp.com gs-premium.easypromosapp.com assets.apollo.io sc.lfeeder.com fpjscdn.net coupons.valassis.eu openfpcdn.io *.stackpathcdn.com *.vipbonus.it static.zdassets.com www.p.zjptg.com *.google.com api.eu-1.smooch.io v7b3r3q5.stackpathcdn.com *.easypromosapp.com cdn.ckeditor.com oss.maxcdn.com d3js.org gyrocode.github.io ws.sharethis.com *.netdna-ssl.com *.hotjar.com c64.assets-yammer.com unpkg.com *.googleapis.com *.google-analytics.co
strict-transport-security
max-age=31536000; includeSubdomains;

Links to (2)

Linked from (2)