jazzpalace.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-10 · ok HTTP/1.1 200 5414 ms crawled 2026-05-14

DE · 167.233.9.132 · AS24940 Hetzner Online GmbH

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title: Das Netzwerk für Jazz Artists, Clubs & Fans, um neue Events zu feiern, die Menschen verbinden. | Jazz Palace
Description: Begleite uns auf unserem Weg zu einer globalen Community der neuen Generation des Jazz!
Language: de

Open Graph

url: /de
title: Das Netzwerk für Jazz Artists, Clubs & Fans, um neue Events zu feiern, die Menschen verbinden.
locale: en_GB
site name: Jazz Palace | Das Netzwerk für Jazz Artists, Clubs & Fans, um neue Events zu feiern
description: Begleite uns auf unserem Weg zu einer globalen Community der neuen Generation des Jazz!

Technology

Third-party hosts loaded (1)

jazz-palace-api-production.nbg1.your-objectstorage.com×17

Social

Registration

Registrar

Hetzner Online GmbH

Created

2013-02-22

Expires

2028-02-22 643 days left

Updated

2026-02-05

Name servers

helium.ns.hetzner.de
hydrogen.ns.hetzner.com
oxygen.ns.hetzner.com

DNS records live

NS

helium.ns.hetzner.de
hydrogen.ns.hetzner.com
oxygen.ns.hetzner.com

MX

0 jazzpalace-com.mail.protection.outlook.com

TXT

MS=ms84850500
google-site-verification=bWzSamNr8_eZBeG44gb3w584fD3sjYP1AC1CjKTBRaw

Email authentication strong

SPF

v=spf1 ip4:116.202.179.205 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:re+c6wcewec1je@dmarc.postmarkapp.com; ruf=mailto:re+c6wcewec1je@dmarc.postmarkapp.com; fo=1; sp=reject; pct=100

policy: quarantine · sp=reject

DKIM

mail: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5jI2pYHA73WOpFSJ8cunv272vXaKSIRjO4aHp70Uw+xzPF4sX4s7e4S1LLQ3xr6QuSB4snDCrQzWZ…

selectors probed

Certificate (current)

R13

from 2026-05-11 to 2026-08-09

Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://jazzpalace.com/de

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self'; connect-src 'self' api.local.jazzpalace.com *.jazzpalace.com jazz-palace-api-staging.nbg1.your-objectstorage.com jazz-palace-api-production.nbg1.your-objectstorage.com; img-src * data: blob:; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' jazzpalace.com *.jazzpalace.com; worker-src 'self' blob:; font-src 'self' data: jazz-palace-api-staging.nbg1.your-objectstorage.com jazz-palace-api-production.nbg1.your-objectstorage.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; media-src jazz-palace-api-staging.nbg1.your-objectstorage.com jazz-palace-api-production.nbg1.your-objectstorage.com; frame-src https://www.youtube.com https://www.youtube-nocookie.com;

Links to (4)

Linked from (1)

jazz-fun.de×2