bwva.de

.de crawl

First seen 2026-04-14 · Last seen 2026-05-08 · ok HTTP/1.1 200 4095 ms crawled 2026-05-08

DE · 134.119.225.29 · AS34011 Host Europe GmbH

Reputation 100/100

Classifying

HTML metadata

Title: BWVA: Baden-Württembergische Versorgungsanstalt für Ärzte, Zahnärzte und Tierärzte - BWVA
Description: Baden-Württembergische Versorgungsanstalt für Ärzte, Zahnärzte und Tierärzte
Language: de-DE
Generator: TYPO3 CMS
Canonical: https://www.bwva.de/

Open Graph

title: BWVA

Technology

Server: nginx

Analytics

Google Tag Manager

Cookie consent

Cookiebot

Third-party hosts loaded (2)

consent.cookiebot.com×1
www.googletagmanager.com×1

Registration

Updated

2020-09-14

Name servers

ns81.domaincontrol.com.
ns82.domaincontrol.com.

DNS records live

NS

ns81.domaincontrol.com
ns82.domaincontrol.com

MX

10 owa.bwva.de

TXT

Show 5 TXT records

google-site-verification=e5FUezt6Z5kgqmzMX-JuDu9u9AWYrf8lbpj6X4Ll8-o
anthropic-domain-verification-5r13tv=3VIIHKfIS1iHXa3NLa4slCWtb
apple-domain-verification=Dk4b3us4S4F4mKVa
ZOOM_verify_H0HUivrMTpgF1g0PVQaVnr
atlassian-domain-verification=OANN5IceD3ZZb3nyELvDaQ/ac5sHL4rICsiIaIN9MA3qUTNakayyys3wwEY1vXzr

Email authentication strong

SPF: v=spf1 mx ip4:91.25.229.202 -all
strict (-all)
DMARC: v=DMARC1; p=reject;
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

Starfield Secure Certificate Authority - G2

from 2025-09-10 to 2026-09-24

Expires in 128 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.bwva.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
permissions-policy: geolocation=(), midi=(), camera=(), usb=(), magnetometer=(), accelerometer=(), gyroscope=(), microphone=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://*.cookiebot.com/ https://*.google.de/ https://*.google.com/ https://www.googletagmanager.com/ https://*.google-analytics.com https://*.gstatic.com/ https://*.googleapis.com/ https://*.doubleclick.net/ https://cdn.eye-able.com/ https://translate-cdn.eye-able.com/ https://translate.eye-able.com/ https://bwva.dev-heindl.de/ https://bwva.de/ https://www.bwva.de/;
strict-transport-security: max-age=15552000; includeSubDomains

Links to (1)

e-befreiungsantrag.de×2

Linked from (1)

gvg.org×2