indexo.dev

isfh.de

.de crawl

First seen 2026-04-14 · Last seen 2026-05-06 · ok HTTP/1.1 200 2502 ms crawled 2026-05-08

DE · 188.34.162.216 · AS24940 Hetzner Online GmbH

Reputation 69/100 listed in spam blocklist dmarc monitor-only

Classifying

HTML metadata

Title
Institut für Solarenergieforschung in Hameln
Description
Das ISFH fördert seit über 30 Jahren angewandte Forschung in Photovoltaik und Solarenergie. Wir forschen an innovativen Lösungen für Photovoltaik, solaren Systemtechnologien, Wärmepumpen und Solarthermie – mit Fokus auf Praxisnähe und Nachhaltigkeit.
Language
de
Canonical
https://isfh.de/
Translations
  • de
  • en

Technology

Server
nginx
CMS
Nuxt

Social

Registration

Updated
2022-09-26
Name servers
  • ns5.kasserver.com.
  • ns6.kasserver.com.

DNS records live

NS
  • ns5.kasserver.com
  • ns6.kasserver.com
MX
  • 10 w0084764.kasserver.com
TXT
  • brevo-code:e98d5100ef8a304b7a8efbb66c04f3b7

Email authentication partial

SPF
v=spf1 mx a -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

E7
from 2026-04-10 to 2026-07-09
Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://isfh.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • weak frame protection
  • weak content type protection
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN, SAMEORIGIN
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
x-content-type-options
nosniff, nosniff
content-security-policy
base-uri 'none'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://cms.isfh.de; img-src 'self' data: https://cms.isfh.de; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'strict-dynamic' 'nonce-ntOQP91LhDaHKkWdw5/2YXgV'; upgrade-insecure-requests;
strict-transport-security
max-age=15552000; includeSubDomains;
cross-origin-resource-policy
cross-origin

Links to (1)

Linked from (1)