indexo.dev

ddfm.de

.de crawl

First seen 2026-04-15 · Last seen 2026-05-19 · ok HTTP/1.1 200 5502 ms crawled 2026-05-09

DE · 85.13.150.86 · AS34788 Neue Medien Muennich GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Deutsches Damast- & Frottiermuseum
Language
de
Generator
BLUEPAGE-CMS V3.15.0

Technology

Server
Apache

Contact

Phone

Registration

Updated
2020-09-08
Name servers
  • ns3.ai-dns.de.
  • ns5.kasserver.com.
  • ns5.name-server-kas.de.
  • ns6.kasserver.com.

DNS records live

NS
  • ns3.ai-dns.de
  • ns5.kasserver.com
  • ns5.name-server-kas.de
  • ns6.kasserver.com
MX
  • 10 mx-03.bwk.net

Email authentication weak

SPF
v=spf1 mx a:mail.grossschoenau.de ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

E8
from 2026-05-05 to 2026-08-03
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.ddfm.de/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; form-action 'self' https://www.ddfm.de/; default-src 'self' data:; img-src 'self' https://www.ddfm.de/ blob: data:; font-src 'self' data:; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.ddfm.de/ ; style-src 'self' 'unsafe-inline' ; frame-src 'self' 'unsafe-inline' https://www.google.com/ https://*.youtube-nocookie.com/ https://www.youtube.com/;frame-ancestors 'none'; connect-src 'self' https://www.ddfm.de/ blob: data:;

Linked from (2)