zap-nussloch.de

.de crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 6986 ms crawled 2026-05-16

DE · 92.205.193.35 · AS60253 Host Europe GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Zentrum Aktiver Prävention | ZAP Nussloch
Description: Für die Allerkleinsten bis zu den Erwachsenen gibt es qualifizierte Sportangebote. Mein Sport hat ein Zuhause. Überzeugen Sie sich selbst.
Language: de-de
Generator: TYPO3 CMS
Canonical: https://www.zap-nussloch.de/

Open Graph

url: https://www.zap-nussloch.de/
title: Zentrum Aktiver Prävention
sitename: Home
description: Für die Allerkleinsten bis zu den Erwachsenen gibt es qualifizierte Sportangebote. Mein Sport hat ein Zuhause. Überzeugen Sie sich selbst.

Technology

Server: nginx
CMS: Joomla

Third-party hosts loaded (1)

project-widget.betterplace.org×1

Social

Contact

Email

Phone

Address

Walldorfer Str. 100, 69226, Nußloch, DE

Registration

Updated

2023-12-13

Name servers

ns81.domaincontrol.com.
ns82.domaincontrol.com.

DNS records live

NS

ns81.domaincontrol.com
ns82.domaincontrol.com

MX

100 mxlb.ispgateway.de

TXT

kdiscover https://webmail.racket-center.org/webapp/
8rdp9vt068f0nbrfvpu3ct2t91

Email authentication weak

SPF: v=spf1 mx a a:sslout.de a:smtp.zap-nussloch.de include:ispgateway.de ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Starfield Secure Certificate Authority - G2

from 2025-11-24 to 2026-12-23

Expires in 216 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.zap-nussloch.de/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
weak content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' fonts.gstatic.com; script-src 'self' *.insightful-datavisionary.com *.ytimg.com *.jsdelivr.net *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.google-analytics.com *.googleapis.com *.google.com *.g.doubleclick.net googleads.g.doubleclick.net *.emailsys1a.net *.hcaptcha.com hcaptcha.com *.facebook.net connect.facebook.net *.facebook.com *.chaindesk.ai *.leadinfo.net *.leadinfo.com *.ahrefs.com *.hotjar.com *.ddev.site *.zap-nussloch.de analytics.zap-nussloch.de youtu.be www.betterplace-widget.org betterplace-assets.betterplace.org datefix.de www.datefix.de *.datefix.de courseplan.noexcuse.io *.noexcuse.io *.raceresult.com players.yumpu.com *.yumpu.com www.recaptcha.net *.recaptcha.net cdn.signalfx.com *.signalfx.com 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com *.zap-nussloch.de documents.yumpu.com *.chaindesk.ai *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net co
strict-transport-security: max-age=31536000; includeSubDomains