indexo.dev

klinikum-lev.de

.de crawl

First seen 2026-04-17 · Last seen 2026-05-14 · ok HTTP/1.1 200 5726 ms crawled 2026-05-11

DE · 165.22.21.33 · AS14061 DigitalOcean, LLC

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Startseite | Klinikum Leverkusen
Language
de-DE
Generator
TYPO3 CMS
Canonical
https://www.klinikum-lev.de/

Technology

Server
nginx

Third-party hosts loaded (1)

  • consent.amedick-sommer.de×1

Social

Contact

Address
© Klinikum LeverkusenAm Gesundheitspark 1151375 LeverkusenTelefon 0214 13-0info@klinikum-lev.deImpressumDatenschutzCookie-Einstellungen

Registration

Updated
2019-02-14
Name servers
  • ns01.ondns.de.
  • ns02.ondns.eu.

DNS records live

NS
  • ns01.ondns.de
  • ns02.ondns.eu
MX
  • 10 kl-lev.in.tmes.trendmicro.eu
TXT
Show 4 TXT records
  • tmes=1d98cbe930f5a32821f75b6b384a425b
  • MS=ms31085810
  • cisco-ci-domain-verification=168140a11ce2a1739d93be961bcf08bd8e3742fe5c8891e5e63bc4ebb131c669
  • ZA=iLDg2/ZZb/fl8SEfJ+G1zA==

Email authentication weak

SPF
v=spf1 mx ip4:94.135.235.62 include:spf.tmes.trendmicro.com ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

E7
from 2026-04-20 to 2026-07-19
Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.klinikum-lev.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
img-src * data:; style-src 'self' 'unsafe-inline' consent.amedick-sommer.de; default-src * blob: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: www.youtube.com s.ytimg.com *.usercentrics.eu *.googleapis.com *.google.com www.youtube-nocookie.com *.vimeocdn.com *.vimeo.com fonts.gstatic.com www.googletagmanager.com www.google-analytics.com *.facebook.net *.altruja.de altruja.de *.fundraisingbox.com consent.amedick-sommer.de
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (3)

Linked from (3)