ggh-heidelberg.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 2550 ms crawled 2026-05-18

DE · 78.46.177.242 · AS24940 Hetzner Online GmbH

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: GGH Heidelberg - Home
Language: de
Canonical: https://ggh-heidelberg.de

Open Graph

url: https://ggh-heidelberg.de/
title: Home
locale: de
site name: GGH Heidelberg

Technology

Server: Apache

Social

Contact

Phone

06221 5305-0

Registration

Updated

2021-01-13

Name servers

ns43.domaincontrol.com.
ns44.domaincontrol.com.

DNS records live

NS

ns43.domaincontrol.com
ns44.domaincontrol.com

MX

10 gghheidelberg-de0i.mail.protection.outlook.com

TXT

BBqeVCuv5mgP7aNAj2f4wQm8UdcDQCtSIWouCkRymwVQ4xnk8xP8q7OPZ2ZGTYW04QMM/hfjS54bP7isFD1TDw==

Verified for

Apple
Brevo
Cisco
Microsoft 365

Email authentication partial

SPF

v=spf1 a mx ip4:81.89.197.102 ip4:81.89.197.103 ip4:188.94.250.251 ip4:116.202.139.228 include:spf.codepiraten.com include:spf.sendinblue.com include:agenturserver.de include:_spf.aareon.com include:spf.protection.outlook.com include:spf.cloud.ci-solution.com -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400

policy: none (monitoring only) · sp=none

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VnLl8tBfFeNSRmvPfC6yJAEKov9NHUTLQv+pWVFY4MoRVjnu1aIJVB6qWsRnt4DSsr8Vi/mKUe+Wi…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

Encryption Everywhere DV TLS CA - G2

from 2025-09-27 to 2026-09-27

Expires in 129 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://ggh-heidelberg.de/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: style-src-elem 'self' 'unsafe-inline' http: https: *.ggh-heidelberg.de *.googletagmanager.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com nominatim.openstreetmap.org maps.googleapis.com *.googletagmanager.com *.ggh-heidelberg.de *.pimcore.org; media-src https: data: *.googletagmanager.com *.ggh-heidelberg.de; img-src https: data: blob: *.googletagmanager.com *.ggh-heidelberg.de; font-src https: data: *.googletagmanager.com *.ggh-heidelberg.de; worker-src https: data: blob: *.ggh-heidelberg.de;

Links to (5)

Linked from (2)

hospital-heidelberg.de×4
heidelberg.de×3