fassmer.de

.de crawl

First seen 2026-04-19 · Last seen 2026-05-13 · ok HTTP/1.1 200 6715 ms crawled 2026-05-13

DE · 85.214.48.5 · AS6724 Strato GmbH

Reputation 100/100

sector manufacturing type homepage

HTML metadata

Title

Special Shipbuilding – Fassmer | Boats & Composites

Description

Special Shipbuilding by Fassmer: Custom vessels, lifeboats, deck equipment, wind-power and composite solutions from one source – discover more!

Language

Canonical

https://www.fassmer.de/

Translations

Open Graph

url: https://www.fassmer.de/
title: Special Shipbuilding – Fassmer | Boats & Composites
site name: Fassmer
description: Special Shipbuilding by Fassmer: Custom vessels, lifeboats, deck equipment, wind-power and composite solutions from one source – discover more!

Technology

Server: Apache

Social

Registration

Updated

2014-09-30

Name servers

auth01.ns.de.uu.net.
auth51.ns.de.uu.net.

DNS records live

NS

auth01.ns.de.uu.net
auth51.ns.de.uu.net

MX

100 mail.fassmer.de
50 mailgw.fassmer.de

TXT

Show 7 TXT records

Generated by UUNET DNSTool V 2.8
apple-domain-verification=tiNUoSfdsfCaetsr
google-site-verification=jY2wmkwy4OVrHa_AH5xj1_lhvYmJ04ibqoqaCYCeYDM
Host Shared
globalsign-domain-verification=wJMJc-9wztFK8AhetMjKiB8Rg2y8kXHz_kCZcbJAMX
_globalsign-domain-verification=hU2WE8S6OYrQ9M35W4UsSO8gxMnn8vseTkBqG88rsS
MS=ms80015169

Email authentication strong

SPF: v=spf1 a mx ip4:145.253.156.98 include:spf.mailjet.com include:spf.codepiraten.com -all
strict (-all)
DMARC: v=DMARC1; p=quarantine; sp=quarantine
policy: quarantine · sp=quarantine
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-04-30 to 2026-07-29

Expires in 71 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.fassmer.de/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
permissions-policy: autoplay=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"), picture-in-picture=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"), camera=(), microphone=(), geolocation=(self), fullscreen=*
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'nonce-3c83c1f7bdab45aceb426ab7d8db876c' 'report-sample' 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.gstatic.com https://www.youtube.com https://www.youtube-nocookie.com https://s.ytimg.com; style-src 'report-sample' 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://i.ytimg.com https://s.ytimg.com; font-src 'self'; frame-src 'self' https://www.googletagmanager.com https://www.youtube.com https://www.youtube-nocookie.com; img-src 'self' w3.org/svg/2000 https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://i.ytimg.com https://s.ytimg.com; manifest-src 'self'; media-src 'self'; report-uri /security-report.php; worker-src 'self'; form-action 'self'; frame-ancestors 'self';