energieagentur-heilbronn.de

.de crawl

First seen 2026-04-16 · Last seen 2026-05-11 · ok HTTP/1.1 200 2707 ms crawled 2026-05-11

DE · 188.40.3.67 · AS24940 Hetzner Online GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Energieagentur Heilbronn: Energiesparen leicht gemacht | Energieagentur Heilbronn
Description: Beratung der Energieagentur Heilbronn: Energieeffizientes Bauen, Sanieren & Wohnen, Stromspar-Check, Gebäude-Check, Schimmel-Check, Förderungen & Zuschüsse.
Language: de
Generator: TYPO3 CMS
Canonical: https://www.energieagentur-heilbronn.de/

Open Graph

url: https://www.energieagentur-heilbronn.de/
title: Home
site name: Energieagentur Heilbronn
descriptiocn: Beratung der Energieagentur Heilbronn: Energieeffizientes Bauen, Sanieren & Wohnen, Stromspar-Check, Gebäude-Check, Schimmel-Check, Förderungen & Zuschüsse.

Technology

Server: Apache

Third-party hosts loaded (1)

demo.dsg1.de×1

Social

Contact

Email

kontakt@energieagentur-heilbronn.de

Phone

Registration

Updated

2023-05-11

Name servers

ns.udag.de.
ns.udag.net.
ns.udag.org.

DNS records live

NS

ns.udag.de
ns.udag.net
ns.udag.org

MX

10 mx1.zeag-energie.de
20 mx2.zeag-energie.de

TXT

qbbo8FbQCzGm0OvtS/vPw7AhZAFr+ZJ6D81OJq8VepRbE71WYXop/YfuzEKNzFKuF4S4STkedPpioqPs7Y7Apg==

Verified for

Microsoft 365

Email authentication weak

SPF: v=spf1 a mx ip4:178.63.60.29/32 ip4:213.133.97.135/32 ip4:94.130.133.243/32 ip6:2a01:4f8:222:a07::2 include:spf.enbw.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Encryption Everywhere DV TLS CA - G2

from 2025-06-22 to 2026-06-22

Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.energieagentur-heilbronn.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak content type protection

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=*, autoplay=*, browsing-topics=(), camera=*, cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=*, microphone=*, midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=()
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://demo.dsg1.de; style-src 'report-sample' 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://demo.dsg1.de; object-src 'none'; base-uri 'self' ; connect-src 'self' ; font-src 'self' data: *.typekit.net; frame-src 'self' ; img-src 'self' data: ; manifest-src 'self'; media-src 'self' data: blob:; report-uri https://326200105cabc2d0b4273a816597cafc.report-uri.com/r/d/csp/enforce; worker-src 'none';
strict-transport-security: max-age=31536000; includeSubdomains

Links to (2)

instagram.com×2
linkedin.com×2

Linked from (1)

wochederwaermepumpe.de×2