indexo.dev

karlstadt.de

.de crawl

First seen 2026-04-22 · Last seen 2026-05-18 · ok HTTP/1.1 200 3920 ms crawled 2026-05-16

DE · 51.116.237.107 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Karlstadt - Kreisstadt Main-Spessart
Description
Karlstadt, Kreisstadt Main-Spessart ... auf Schritt und Tritt ein Erlebnis
Language
de
Canonical
https://www.karlstadt.de/seite/de/kreisstadt/02/WB/Herzlich_willkommen_auf_der_Website_der_Stadt_Karlstadt.html

Open Graph

url
https://www.karlstadt.de
title
Karlstadt - Kreisstadt Main-Spessart
site name
Stadt Karlstadt
description
Karlstadt, Kreisstadt Main-Spessart ... auf Schritt und Tritt ein Erlebnis

Social

Contact

Email
Phone

Registration

Updated
2023-05-16
Name servers
  • ns1016.ui-dns.com.
  • ns1023.ui-dns.org.
  • ns1054.ui-dns.de.
  • ns1098.ui-dns.biz.

DNS records live

NS
  • ns1016.ui-dns.com
  • ns1023.ui-dns.org
  • ns1054.ui-dns.de
  • ns1098.ui-dns.biz
MX
  • 10 mail.bayern.de
TXT
Show 4 TXT records
  • apple-domain-verification=XNJg417QuDmaXIr1
  • 98e61e79a653493297aeb3f43b481ba7
  • MS=E9D8C8A73EE0E1DA7AB785FBF36200E0E4664B2B
  • cisco-ci-domain-verification=23c032d9170c989a7c49956c649345736b7a97161ef5da8975a9d395884169c4

Email authentication weak

SPF
v=spf1 ip4:83.246.40.2 include:bayern.de include:mx.mail-aktiv.de -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2025-11-25 to 2026-12-27
Expires in 221 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.karlstadt.de/seite/de/kreisstadt/02/WB/Herzlich_willkommen_auf_der_Website_der_Stadt_Karlstadt.html

present
  • content-security-policy
  • x-content-type-options
  • referrer-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-inline'; script-src * data: 'unsafe-inline' 'unsafe-eval'; script-src-elem * data: 'unsafe-inline'; script-src-attr 'self' data: 'unsafe-inline'; style-src * data: 'unsafe-inline'; img-src * 'self' data: *; font-src 'self'; frame-src *

Links to (2)

Linked from (6)