indexo.dev

bvs.de

.de crawl

First seen 2026-04-12 · Last seen 2026-05-19 · ok HTTP/1.1 200 821 ms crawled 2026-05-08

DE · 195.30.21.65 · AS5539 SpaceNet AG

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
BVS
Language
de-de
Generator
TYPO3 CMS
Canonical
https://www.bvs.de/

Technology

Server
Apache

Third-party hosts loaded (1)

  • widget.moin.ai×1

Social

Contact

Email

Registration

Updated
2015-02-25
Name servers
  • ns3.dns.space.net.
  • ns4.dns.space.net.
  • ns.space.net.

DNS records live

NS
  • ns.space.net
  • ns3.dns.space.net
  • ns4.dns.space.net
MX
  • 100 gatekeeper-spf.space.net
TXT
  • nj8391sijhhf3f4600vk9uno10
  • MS=06D2EF91B54F184A664A0656FF07EB55FB4FB39C
  • lek9pnfuumd2olv1d0aorlkrqr
Verified for
  • Adobe
  • Atlassian

Email authentication partial

SPF
v=spf1 include:csa.wwwserver.net a:www.bvs.de a:mail2.bayvs.de ip6:2001:608:2:42::144 ip4:195.30.99.144 ip4:192.145.44.196 ip4:195.30.124.174 ip4:159.69.190.172 ip4:188.34.160.148 ip4:49.12.110.224 ip4:168.119.103.67 a:mail.jobquick.net include:spf.mailjet.com ~all
softfail (~all)
DMARC
v=DMARC1;p=none;pct=10;rua=mailto:it-hotline@bvs.de;ruf=mailto:marketing_bvs@bvs.de
policy: none (monitoring only) · pct=10
DKIM
no key found at common selectors

Certificate (current)

RapidSSL TLS RSA CA G1
from 2025-05-14 to 2026-05-27
Expires in 6 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bvs.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://widget.moin.ai/ https://api.moin.ai/ https://cfg.moin.ai/ wss://bot.moin.ai/ https://www.eye-able-cdn.com/; style-src 'self' 'unsafe-inline' https://www.eye-able-cdn.com/ https://widget.moin.ai/ https://cdn.eye-able.com 'report-sample'; script-src 'self' https://widget.moin.ai/ https://api.moin.ai/ https://cfg.moin.ai/ wss://bot.moin.ai/ https://www.eye-able-cdn.com/ 'unsafe-inline' https://*.jobquick.net https://cdn.eye-able.com https://www.bvs.de/ https://entwicklung12.bvs.de/ 'report-sample'; form-action 'self'; worker-src 'none' 'report-sample'; frame-src 'self' https://widget.moin.ai/ https://api.moin.ai/ https://cfg.moin.ai/ wss://bot.moin.ai/ https://www.eye-able-cdn.com/ https://player.vimeo.com https://www.youtube.com https://youtu.be https://www.youtube-nocookie.com https://*.jobquick.net; img-src 'self' https://widget.moin.ai/ https://api.moin.ai/ https://cfg.moin.ai/ wss://bot.moin.ai/ https://www.eye-able-cdn.com/ data: https://media.moin.ai/ htt
strict-transport-security
max-age=15552000; includeSubDomains; preload

Links to (10)

Linked from (2)