indexo.dev

nordsternturm.de

.de ok HTTP/1.1 200 564 ms

First seen 2026-05-30 · Last seen 2026-06-14 · crawled 2026-06-14

DE · 82.141.4.19 · AS8648 dogado GmbH

Reputation 67/100 wrong cert no dmarc policy

sector education type homepage

HTML metadata

Title
STARTSEITE - Nordsternturm
Description
Nordstern-Museum und Besucherterrasse im Nordsternturm in Gelsenkirchen

Technology

Server
nginx
jQuery
1.9.1 known XSS (<3.5)
Cookie consent
  • Usercentrics

Third-party hosts loaded (2)

  • app.usercentrics.eu×1
  • privacy-proxy.usercentrics.eu×1

Social

Registration

Updated
2026-05-06
Name servers
  • a.ns14.net.
  • b.ns14.net.
  • c.ns14.net.
  • d.ns14.net.

DNS records live

NS
  • a.ns14.net
  • b.ns14.net
  • c.ns14.net
  • d.ns14.net
MX
  • 10 smail-viv-mta1.dts-security.de
  • 20 smail-viv.dts-security.de
  • 30 smail-viv-mta2.dts-security.de
TXT
  • swisssign-check=giBMWHIH2_naCUMbP7dI9okRCzA
Verified for
  • Microsoft 365

Email authentication weak

SPF
v=spf1 a include:spf.protection.outlook.com include:spf1.dts-security.de include:spf-de.emailsignatures365.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current) wrong cert

proxy00.dev.v265.ext.trafo2.de
from 2024-04-09 to 2034-04-07
Expires in 2847 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.nordsternturm.de/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' *.gelsenkirchen.de kit.fontawesome.com *.trafo2.de *.vivawest.de *.vivawest.dev *.etracker.de *.etracker.com *.googleapis.com *.googletagmanager.com *.trackify.info *.usercentrics.eu *.typography.com *.w3.org *.vimeo.com vimeo.com *.vimeocdn.com *.chatbots-adesso.net *.onlyfy.jobs; frame-src 'self' 'unsafe-inline' 'unsafe-hashes' *.gelsenkirchen.de kit.fontawesome.com *.trafo2.de *.vivawest.de *.vivawest.dev *.etracker.de *.etracker.com *.googleapis.com *.googletagmanager.com *.trackify.info *.usercentrics.eu *.typography.com *.w3.org *.vimeo.com vimeo.com *.vimeocdn.com *.lightwidget.com lightwidget.com *.chatbots-adesso.net *.onlyfy.jobs *.youtube.com online.serviceocean.de *.youtube-nocookie.com *.ogulo.com; frame-ancestors 'self' *.trafo2.de *.vivawest.de *.etracker.de *.vivawest.dev *.etracker.com *.googleapis.com *.googletagmanager.com *.trackify.info *.usercentrics.eu *.typography.com *.w3.org *.vimeo.com vimeo.com *.v
strict-transport-security
max-age=63072000; includeSubdomains; preload

Links to (3)

Linked from (1)

Use this data via API

Everything on this page for nordsternturm.de is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/nordsternturm.de" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →

Add a badge to your site

Own nordsternturm.de? Show it's tracked on indexo.dev and link visitors straight to this page.

indexo.dev — nordsternturm.de

<a href="https://indexo.dev/nordsternturm.de" target="_blank" rel="noopener">
  <img src="https://indexo.dev/nordsternturm.de/badge.svg" alt="indexo.dev — nordsternturm.de">
</a>