heimatfan.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 10852 ms crawled 2026-05-15

DE · 78.46.2.104 · AS24940 Hetzner Online GmbH

Reputation 100/100

Classifying

HTML metadata

Title: Eigener Fanshop mit heimatfan.com: heimatfan
Description: Erstellt jetzt euren eigenen kostenlosen Fanshop und sammelt mit jedem Verkauf Spenden für euren Verein.
Language: de
Generator: TYPO3 CMS
Canonical: https://www.heimatfan.com/

Technology

Server: Apache

Social

Registration

Registrar

InterNetX GmbH

Created

2024-04-09

Expires

2027-04-09 324 days left

Updated

2026-04-10

Name servers

nsa3.schlundtech.de
nsb3.schlundtech.de
nsc3.schlundtech.de
nsd3.schlundtech.de

DNS records live

NS

nsa3.schlundtech.de
nsb3.schlundtech.de
nsc3.schlundtech.de
nsd3.schlundtech.de

MX

10 dev.inbound-mail.novu.co
20 mx00.ionos.de

TXT

google-site-verification=OMPynKmrNaq13Z7Sm-60nt9usJJpxQ1rmEVYMyVxZnU
zone-ownership-verification-aceaefdc3bf230663525cd00e613a7162141306d666c78c5849a7574517f8722
google-site-verification=yC1zcJtfudjdBKwJE0fqH0Oy8oRPubtdfrdKcF5Dmrk

Email authentication strong

SPF

v=spf1 include:sendgrid.net a:mout.kundenserver.de a mx include:sendgrid.net include:_spf.perfora.net include:_spf.kundenserver.de include:_spf-eu.ionos.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; pct=90;

policy: quarantine · pct=90

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VbXjABsdeC+t0TQKz+9psjPZLhyAXtkzl6EIY5akBFQvP3S/w48IULzzGpQsoypjb+xLFc7ZdPc9DoDMK…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6JQF3gOeCINiyAniniVVddB4+6JIjv+8y6Ud1KYs891iSwy0mdsq2/E7WmJ2k1gUigvPLXTmPoeHtszX/…

selectors probed

Certificate (current)

R13

from 2026-04-01 to 2026-06-30

Expires in 41 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.heimatfan.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
weak content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: sameorigin
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; script-src-elem 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; img-src 'self' data:; font-src 'self' data:; frame-src 'self';
strict-transport-security: max-age=31536000

Links to (5)

Linked from (2)

ksv-baunatal.de×2
eintracht-baunatal.de×2