hochbahn.de

HTML metadata

Title

Hamburger Hochbahn AG

Description

Homepage Hochbahn

Language

de-DE

Generator

CoreMedia Content Cloud

Canonical

https://www.hochbahn.de/de

Translations

en-de

Open Graph

url: https://www.hochbahn.de/de
description: Homepage Hochbahn

Technology

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (6)

app.usercentrics.eu×4
privacy-proxy.usercentrics.eu×3
api.usercentrics.eu×1
cdn.jsdelivr.net×1
fast.fonts.net×1
www.googletagmanager.com×1

Social

Contact

Email

Phone

+49403288-0

Registration

Updated

2021-10-15

Name servers

ns1-02.azure-dns.com.
ns2-02.azure-dns.net.
ns3-02.azure-dns.org.
ns4-02.azure-dns.info.

DNS records live

NS

ns1-02.azure-dns.com
ns2-02.azure-dns.net
ns3-02.azure-dns.org
ns4-02.azure-dns.info

MX

0 hochbahn-de.mail.protection.outlook.com

TXT

Show 6 TXT records

apple-domain-verification=tA5YbgcyYeVCpC9p
google-site-verification=AA4yMK2X-T49LUb3rT1b863_aapsdFU5ieC6nPkOCyc
atlassian-domain-verification=AUx8mqiiAGuyXJ1aydTmotMa6y2TtPL/bNfGD1mGftbHuPat9Y8l96tjM8VhXn9v
atlassian-sending-domain-verification=60b2bcc1-c000-4ad4-9ec6-7a3d3554aee6
teamviewer-sso-verification=6419125f2685482a85197526bd8a3440
google-site-verification=8EmyXb5vXEoQFUPUxXxb74BU_1Q4x55aNbj0_rX_IIM

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:spf.crsend.com include:spf.flowmailer.net ip4:52.148.218.68 ip4:185.213.34.5 -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; sp=none; rua=mailto:mailreporting@hochbahn.de; ruf=mailto:mailreporting@hochbahn.de; fo=0:1:d:s;

policy: quarantine · sp=none

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDf79NRUAWR/2KgGmRfoyIkPjA0s4OAwazbNEqNefR9zcbfZDTWfyilTFWHlVQwb4YDvslBQMyGS9A5x3iPJA…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN8Iz7/pqJWh+0V/SQTrXfLcR6e4Eqn2OCazDv19tMJ1TfGO2Me0DA4t0czHpyQiyGw7k7VJ2q+Iwe…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIg6IkGGdoSzejQt8kqnOFeRkNmfqo5km1g1allP16eTLartNGUmDWXTsUHW2hv/1lxQe3a8ZsW672T0e+…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswezym5tlTjo9TYbHZoPc5zvRNuSBR9A6KAUl9Qozj9oYoO/gL5xNf7F5c9mzrZZNwgTY7R3urgiWCpvNL…

selectors probed

Certificate (current)

R12

from 2026-04-10 to 2026-07-09

Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.hochbahn.de/de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.doubleclick.net https://connect.facebook.net *.amazonaws.com https://www.google-analytics.com https://www.gstatic.com https://www.recaptcha.net https://www.youtube.com *.usercentrics.eu https://www.googletagmanager.com *.jobbase.io *.onlyfy.jobs *.jsdelivr.net blob:; connect-src 'self' https://www.google.com *.amazonaws.com *.usercentrics.eu https://www.dtvp.de https://stats.g.doubleclick.net https://region1.google-analytics.com https://region1.analytics.google.com https://api.usercentrics.eu https://fast.fonts.net *.jsdelivr.net data:; img-src 'self' https://www.facebook.com https://www.google.com https://i.ytimg.com https://www.google.de *.usercentrics.eu https://www.googletagmanager.com data:; worker-src 'self' blob:; object-src 'self' data:; frame-src 'self' https://www.googletagmanager.com *.doubleclick.net *.onlyfy.jobs https://www.recaptcha.net https://www.youtube.com https://app.powerbi.
strict-transport-security: max-age=31536000