indexo.dev

vbl.de

.de crawl

First seen 2026-04-14 · Last seen 2026-06-01 · ok HTTP/1.1 200 6513 ms crawled 2026-05-28

DE · 83.243.52.208 · AS3320 Deutsche Telekom AG

Reputation 94/100 dmarc monitor-only

sector health type homepage

HTML metadata

Title
VBLportal - Meine VBL | VBL. Ihr sicheres Plus im Alter.
Description
VBL. Ihr sicheres Plus im Alter.
Language
de-DE

Technology

Server
Apache

Registration

Updated
2025-04-03
Name servers
  • ns1.telekom-domains.de.
  • ns2.telekom-domains.de.

DNS records live

NS
  • ns1.telekom-domains.de
  • ns2.telekom-domains.de
MX
  • 10 mx.vbl.de
TXT
  • MS=6A291BE62CB9362DE64F089BDB156F8F8726C292
Verified for
  • Apple
  • Brevo
  • Google

Email authentication partial

SPF
v=spf1 ip4:193.159.239.192/26 ip4:213.239.250.52 ip4:83.243.52.205 a:mx.vbl.de include:spf.sendinblue.com include:spf.mailbox01.4hr.de -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc-reports@vbl.de
policy: none (monitoring only)
DKIM
  • default: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMr8AHeLHBj9tw0d+pSxKABP+59eKVW4+G3z3DN9NF70JvNgu8ZHQ7hFB98Od1q+HZZg…
  • mail: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2…
selectors probed

Certificate (current)

D-TRUST SSL Class 3 CA 1 EV 2009
from 2026-04-06 to 2026-10-21
Expires in 140 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.vbl.de/de/startseite

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
permissions-policy
autoplay=(self), camera=(), display-capture=(self), encrypted-media=(self), fullscreen=(self "https://api.stream24.net" "https://stream24.net"), geolocation=(self), microphone=(self), midi=(), payment=(), picture-in-picture=(self "https://api.stream24.net" "https://stream24.net"), xr-spatial-tracking=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; connect-src 'self' https://l.ecn-ldr.de https://www.econda-monitor.de https://vbl.hr4you.org https://eveeno.com https://eu-api.friendlycaptcha.eu; font-src 'self'; img-src 'self' data: https://media.stream24.net; object-src 'none'; frame-src 'self' https://api.stream24.net https://video.stream24.net; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval' blob: https://l.ecn-ldr.de https://vbl.hr4you.org https://eveeno.com https://eu-api.friendlycaptcha.eu; form-action 'self' https://vbl.hr4you.org https://eveeno.com; worker-src 'self' blob: https://eu-api.friendlycaptcha.eu; style-src 'self' 'unsafe-inline'; script-src-attr 'unsafe-inline';
strict-transport-security
max-age=15724800; includeSubDomains; preload

Linked from (3)