indexo.dev

spielbudenplatz.eu

.eu crawl

First seen 2026-05-02 · Last seen 2026-05-09 · ok HTTP/1.1 200 2165 ms crawled 2026-05-09

DE · 78.47.7.76 · AS24940 Hetzner Online GmbH

Reputation 100/100

Classifying

HTML metadata

Title
Spielbudenplatz Hamburg St. Pauli
Description
Willkommen im Herzen der Reeperbahn
Language
de
Generator
WordPress 6.9.4
Canonical
https://spielbudenplatz.eu/
Translations
  • de

Technology

Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×3

Social

Contact

Address
Spielbudenplatz, 20359, Hamburg, Hamburg, DE

DNS records live

NS
  • ns.second-ns.com
  • ns1.your-server.de
  • ns3.second-ns.de
MX
  • 10 mail.spielbudenplatz.eu
  • 20 smtp-backup1.portunity.de
  • 30 smtp-backup2.portunity.de
Verified for
  • Apple
  • Brevo
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 a mx include:servers.mcsv.net ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; adkim=r; aspf=r; rua=mailto:report@spielbudenplatz.eu; ruf=mailto:report@spielbudenplatz.eu;
policy: quarantine
DKIM
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • mail: v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SvAN+hWxZ4jQugtzgaCPmcid3mPa3XKrla0hW/wIl3AwMk5+OyUCKcnNRoCGZU1tV3EFB4/9wYIoJ7PC+QB8Y…
selectors probed

Certificate (current)

Encryption Everywhere DV TLS CA - G2
from 2026-05-05 to 2026-11-20
Expires in 183 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://spielbudenplatz.eu/

present
  • content-security-policy
  • x-content-type-options
  • cross-origin-resource-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.google-analytics.com *.googleapis.com *.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.google-analytics.com *.googleapis.com *.googletagmanager.com; style-src 'self' 'unsafe-inline' *.google-analytics.com *.googleapis.com *.googletagmanager.com *.typekit.net; object-src 'none'; base-uri 'self'; connect-src 'self' *.google-analytics.com *.googletagmanager.com; font-src 'self' data: *.typekit.net *.googleapis.com fonts.gstatic.com; frame-src 'self' *.youtube.com *.google.com; img-src 'self' data: *.smugmug.com *.youtube.com *.ytimg.com *.google-analytics.com *.googletagmanager.com; manifest-src 'self'; media-src 'self'; form-action *.paypal.com 'self';
cross-origin-resource-policy
same-origin

Links to (4)

Linked from (1)