fcstpauli.com

.com crawl

First seen 2026-04-12 · Last seen 2026-05-19 · ok HTTP/1.1 200 9954 ms crawled 2026-05-05

DE · 217.160.0.226 · AS8560 IONOS SE

Reputation 95/100 weak security headers

sector sports type homepage

HTML metadata

Title: FC St. Pauli | Home
Description: Die offizielle Website des FC St. Pauli ☠ Hier gibt's die aktuellsten News und Infos zum Verein und unseren Kiezkickern!
Language: de
Canonical: https://www.fcstpauli.com/home

Open Graph

url: https://www.fcstpauli.com/home
title: Home
locale: de_DE
site name: FC St. Pauli
description: Die offizielle Website des FC St. Pauli ☠ Hier gibt's die aktuellsten News und Infos zum Verein und unseren Kiezkickern!
locale:alternate: en_GB

Technology

CDN: Azure Front Door
CMS: Next.js

Cookie consent

Usercentrics

Third-party hosts loaded (1)

app.usercentrics.eu×1

Social

Contact

Address: Harald-Stender-Platz 1, 20359, Hamburg, Hamburg, Germany

DNS records live

NS

ns1062.ui-dns.biz
ns1062.ui-dns.com
ns1062.ui-dns.de
ns1062.ui-dns.org

MX

0 fcstpauli-com.mail.protection.outlook.com

TXT

Show 4 TXT records

zz7wtj8rl9wrjk3d0jbx44gd1nwhyf8c
1pj1j42p187add5lugjcf24vle
bhznc72nqw3b5s878qvlwllyms3tp1dk
v=spf1 include:p7uaw2ueub.spf.dmarc.alfatier.io include:spf.protection.outlook.com -all

Verified for

Apple
Google
Microsoft 365

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-08-19 to 2026-09-03

Expires in 105 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.fcstpauli.com

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.usercentrics.eu *.kaltura.com *.spendenbank.de *.eye-able.com *.google-analytics.com *.cloudfront.net *.mycrocast.de mycrocast-webplayer.s3.eu-central-1.amazonaws.com *.hsadspixel.net *.hs-analytics.net js.hscta.net js-eu1.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com feedback-eu1.hubapi.com *.hubspotusercontent-na1.net www.googletagmanager.com; style-src 'self' 'unsafe-inline' *.spendenbank.de *.eye-able.com *.cloudfront.net *.amazonaws.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net fonts.googleap

Links to (18)

Linked from (22)