wf-ib.de

.de crawl

First seen 2026-04-15 · Last seen 2026-05-09 · ok HTTP/1.1 200 4253 ms crawled 2026-05-09

FR · 92.205.18.128 · AS21499 Host Europe GmbH

Reputation 94/100 dmarc monitor-only

sector b2b services type homepage

HTML metadata

Title

Wayss & Freytag Ingenieurbau AG

Description

Wayss & Freytag Ingenieurbau AG: Wir bauen Verbindungen fürs Leben. Als Teil der Zech Group sind wir Spezialisten für anspruchsvolle Ingenieurbauprojekte.

Language

Canonical

https://www.wf-ib.de/de/index.html

Translations

Open Graph

title: W&F – Kompetenz im Blickpunkt
image:url: https://www.wf-ib.de/fileadmin/_processed_/0/f/csm_OG-Bild_49bd273c13.jpg

Technology

Server: Apache

Cookie consent

Usercentrics

Third-party hosts loaded (1)

web.cmp.usercentrics.eu×1

Social

Contact

Email

Phone

+496979290

Registration

Updated

2023-04-03

Name servers

ns1.plutex.de.
ns2.plutex.de.
ns3.plutex.de.

DNS records live

NS

ns1.plutex.de
ns2.plutex.de
ns3.plutex.de

MX

0 wfib-de0e.mail.protection.outlook.com
20 mail.wf-ib.de

TXT

Show 5 TXT records

adobe-idp-site-verification=eebbb9c2adadedb5f703814de786a0e93e76fe16a43fa784925c5a11811eb9ba
DfSx84GhrmRLcnCLG6ztw9H29kccDr627Ie1hsvsc9Mk3lvRmTuyNsRpmbGCrKMrVyCfyUJloMyHqlZAM5nNCQ==
bdm8kiifsi54uhoegjo64s1v1n
MS=ms23004211
apple-domain-verification=a4FlfpMkF9CJkWD1

Email authentication partial

SPF

v=spf1 ip4:193.31.128.16/32 include:_spf.salesforce.com  include:sendgrid.net ip4:40.107.104.114/32 ip4:176.95.82.27 include:spf.myzechit.com include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@zech-group.net; ruf=mailto:dmarc@zech-group.net; fo=1;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Te41g2pjp5/5CRA37yxLNiKbFRVXTww5hLATzMl0IP4/GKMtUKK0gGcmWUCaymcbMokYXa3t+Hwkr…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni4TJjqSXuk7A4/CImKne3qplmfWaJfjuhePiFfOJkbhg2XkbHLVdJS5j5bJ1FUliSbg5UVqZBZbaFioTR…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG7aPYTifia98ZOPBlJlpVN/uSn+gZMry4DrZ55vCaMza0Qvm7kER3GNhe/YXNYuZUPP5sQHSZNUX3QypN…

selectors probed

Certificate (current)

R12

from 2026-05-07 to 2026-08-05

Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.wf-ib.de/de/

present

content-security-policy
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.youtube.com 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.usercentrics.eu *.ytimg.com *.vimeocdn.com googleads.g.doubleclick.net *.google.com *.google.de *.googletagmanager.com maps.gstatic.com *.googleapis.com *.gravatar.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.vimeo.com *.doubleclick.net *.googletagmanager.com *.google.com typo3-modulset.netzbewegung.com; script-src-elem 'self' 'unsafe-inline' *.usercentrics.eu stats.wf-ib.de *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.youtube.com cdn.jsdelivr.net www.gstatic.com/recaptcha/ googleads.g.doubleclick.net 'report-sample'; style-src 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com 'report-sample'; style-src-elem 'self' 'unsafe-inline' cdn.