pfeiffersche-stiftungen.de

.de crawl

First seen 2026-04-26 · Last seen 2026-05-19 · ok HTTP/1.1 200 1471 ms crawled 2026-05-19

DE · 93.93.202.80 · AS210785 KAPELAN Medien GmbH

Reputation 75/100 wrong cert

Classifying

HTML metadata

Title: Pfeiffersche Stiftungen - Pfeiffersche Stiftungen
Description: Den Menschen zuliebe. Die Pfeifferschen Stiftungen zu Magdeburg-Cracau sind eine sozialdiakonische Komplexeinrichtung mit Tradition seit 1889.
Language: de-de
Generator: TYPO3 CMS
Canonical: https://www.pfeiffersche-stiftungen.de/index.html

Technology

Server: nginx

Cookie consent

Usercentrics

Third-party hosts loaded (2)

app.usercentrics.eu×3
privacy-proxy.usercentrics.eu×3

Social

Contact

Phone

+4939185050

Registration

Updated

2025-11-28

Name servers

ns0.nl.
ns11.net.
ns5.be.

DNS records live

NS

ns0.nl
ns11.net
ns5.be

MX

10 pfeifferschestiftungen-de03b.mail.protection.outlook.com

Verified for

Apple

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:plesk-ps.kpln.de include:_spf.sendnode.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:ict-service@pfeiffersche-stiftungen.de; ruf=mailto:ict-service@pfeiffersche-stiftungen.de; fo=1

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsd6ii2SHRdGoBk4soKhNTDZY8GhrXDZyildkoJ6Qn7Tm+hUjDXsRn82nTmRxD0R2nA9LmSjaY8M0dj2LAPx…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfKUrVp2Uco1SEkEe43355eCMj+1PXkz8gu7Brv91K2+b/8q6j6jO3bdBDTg4K3gWzsWbP4hXQ3BEp…

selectors probed

Certificate (current) wrong cert

Sectigo Public Server Authentication CA DV R36

from 2026-01-27 to 2027-02-28

Expires in 283 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.pfeiffersche-stiftungen.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: fullscreen=(self "https://*.youtube.com" "https://*.youtube-nocookie.com" "https://*.vimeo.com"), geolocation=(), midi=(), camera=(), usb=(), magnetometer=(), accelerometer=(), vr=(), speaker=(), ambient-light-sensor=(), gyroscope=(), microphone=()
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; child-src https://*.youtube.com https://*.youtube-nocookie.com https://*.vimeo.com https://app.usercentrics.eu https://*.altruja.de https://*.readspeaker.com https://*.micropayment.de https://spenden.twingle.de https://jobboard.easyhr.io; connect-src 'self' https://*.usercentrics.eu https://*.readspeaker.com https://maps.google.com https://maps.googleapis.com https://stats.kpln.de https://*.altruja.de; default-src 'unsafe-inline' 'unsafe-eval'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com data:; form-action 'self'; frame-ancestors 'self' https://*.googleapis.com; img-src 'self' https://*.usercentrics.eu https://*.altruja.de https://i.ytimg.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://*.openstreetmap.org data: https://pulsschlag.pfeiffersche-stiftungen.de; media-src 'self'; object-src 'self' https://*.youtube.com https://*.youtube-nocookie.com https://*.vimeo.com; sandbox allow-downloads allow-forms a
strict-transport-security: max-age=63072000; includeSubdomains