indexo.dev

visit-lahnstein.de

.de crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 9592 ms crawled 2026-05-15

DE · 89.110.176.206 · AS12306 Plus.line AG

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Visit Lahnstein | Visit Lahnstein
Language
de
Generator
CMS ionas4
Canonical
https://www.visit-lahnstein.de/

Open Graph

url
https://www.visit-lahnstein.de/
title
Visit Lahnstein
locale
de_DE
site name
Visit Lahnstein

Technology

Server
Apache

Third-party hosts loaded (1)

  • www.lahnstein.de×1

Contact

Phone
Address
Touristinformation LahnsteinSalhofplatz 356112Lahnstein

Registration

Updated
2024-09-30
Name servers
  • ns-a.ktk.de.
  • ns-b.ktk.io.
  • ns-c.ktk.de.

DNS records live

NS
  • ns-a.ktk.de
  • ns-b.ktk.io
  • ns-c.ktk.de
MX
  • 30 mx-a.ktk.de
  • 30 mx-b.ktk.de

Email authentication weak

SPF
v=spf1 mx include:mail.ktk.de ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2025-10-08 to 2026-10-09
Expires in 142 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.visit-lahnstein.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; child-src 'self' blob: https://kb.ionas.de/; connect-src 'self' blob: https://*.egovernor.de/ https://api.service-digitale-verwaltung.de/ https://resc.deskline.net/ https://webapi.deskline.net/ https://www8.chamaeleon.de/; font-src 'self' data:; frame-ancestors 'self' https://www.lahnstein.de; frame-src 'self' https://consent.google.com https://iam.chamaeleon.de/ https://www.google.com https://www.lahnstein.de http://www.ticket-regional.de/ https://www.visit-lahnstein.de; form-action 'self' https://id.bund.de/; img-src 'self' blob: data: https://*.egovernor.de/ https://api.service-digitale-verwaltung.de/ https://resc.deskline.net/ https://tiles.chamaeleon.de https://www.lahnstein.de https://www8.chamaeleon.de/; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://api.service-digitale-verwaltung.de/; script-src-elem 'self' 'unsafe-inline' https://api.service-digitale-verwaltung.de/ https://resc.deskline.net
strict-transport-security
max-age=31536000

Links to (3)

Linked from (1)