indexo.dev

hamburg-activecity.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-20 · ok HTTP/1.1 200 3849 ms crawled 2026-05-19

DE · 89.22.121.129 · AS8648 dogado GmbH

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Active City | Startseite
Description
Sport und Bewegung für alle: von Aerobic bis Zumba, im Sportverein oder im Stadtpark – in der Active City finden alle das passende Angebot für sich.
Language
de
Canonical
https://www.hamburg-activecity.de/

Open Graph

url
https://www.hamburg-activecity.de/
title
Active City | Startseite
locale
de_DE
description
Sport und Bewegung für alle: von Aerobic bis Zumba, im Sportverein oder im Stadtpark – in der Active City finden alle das passende Angebot für sich.
locale:alternate
en_US

Technology

Server
nginx

Third-party hosts loaded (1)

  • cdnjs.cloudflare.com×1

Registration

Updated
2023-05-22
Name servers
  • ns1.domaindiscount24.net.
  • ns2.domaindiscount24.net.
  • ns3.domaindiscount24.net.

DNS records live

NS
  • ns1.domaindiscount24.net
  • ns2.domaindiscount24.net
  • ns3.domaindiscount24.net
MX
  • 10 hamburg-activecity.de
Verified for
  • Brevo
  • Google

Email authentication weak

SPF
not published
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

R13
from 2026-03-21 to 2026-06-19
Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.hamburg-activecity.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(self), microphone=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.hamburg-activecity.de hamburg-activecity.s3.eu-central-1.amazonaws.com api.mapbox.com events.mapbox.com *.plyr.io *.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' api.mapbox.com *.stripe.com *.stripe.network *.googleapis.com *.facebook.net *.twitter.com *.hamburg-activecity.de cdnjs.cloudflare.com; style-src 'self' api.mapbox.com *.googleapis.com data: 'unsafe-inline'; frame-src sibforms.com *.google.com *.twitter.com *.youtube.com *.stripe.com *.spotify.com *.hamburg-spiele.de; frame-ancestors 'self' https://www.hamburg-spiele.de https://hamburg-spiele.de; form-action 'self'; img-src * data: blob:; font-src 'self' fonts.gstatic.com data:; worker-src 'self' *.hamburg-activecity.de blob:; media-src 'self' hamburg-activecity.s3.eu-central-1.amazonaws.com *.cdninstagram.com *.hamburg-spiele.de blob:
strict-transport-security
max-age=31536000; includeSubDomains

Linked from (34)