zentralklinik.de

.de crawl

First seen 2026-04-16 · Last seen 2026-05-19 · ok HTTP/1.1 200 1891 ms crawled 2026-05-11

DE · 178.162.226.10 · AS28753 Leaseweb Deutschland GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Bad Berka
Description: Als eines der modernsten Krankenhäuser Deutschlands erfüllt die Zentralklinik Bad Berka einen Versorgungsauftrag weit über Thüringens Grenzen hinaus.
Language: de
Generator: TYPO3 CMS
Canonical: https://www.zentralklinik.de/

Open Graph

title: Bad Berka
description: Als eines der modernsten Krankenhäuser Deutschlands erfüllt die Zentralklinik Bad Berka einen Versorgungsauftrag weit über Thüringens Grenzen hinaus.

Technology

Cookie consent

Cookiebot

Third-party hosts loaded (1)

consent.cookiebot.com×1

Social

Contact

Phone

+49364585-0

Registration

Updated

2021-10-13

Name servers

ns1.telekom.net.
pns.dtag.de.

DNS records live

NS

ns1.telekom.net
pns.dtag.de

MX

10 mail.rhoen-klinikum-ag.com
10 mail2.rhoen-klinikum-ag.com

TXT

Show 5 TXT records

atlassian-domain-verification=OuzPma5BnLThijneY9wCrdx0ZODfyV0O7hobPpGquBGLTa5cWZkmQ2hUPyvezRDG
MS=ms17908243
_telesec-domain-validation=336350_2024-11-19_Os1i2erSDM7YBJZSaPCR7gFBY6lfYXeB9tuYDTR5xWcoYmTHqn
google-site-verification=M7coQqbdI-ygbg-zCUeyYiQHS9BgyXZB8sWjL-UAXUI
apple-domain-verification=MQzu6wC04JCf4bQ7

Email authentication weak

SPF: v=spf1 a mx ip4:52.178.135.21 ip4:185.125.237.64 include:_spf.rexx-suite.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Telekom Security ServerID OV Class 2 CA

from 2025-05-26 to 2026-05-31

Expires in 11 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.zentralklinik.de/

present

content-security-policy
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' securemessage.rhoen-klinikum-ag.com matomo.int.insignio.com *.moin.ai *.cookiebot.com 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com blob: securemessage.rhoen-klinikum-ag.com www.campus-nes.de *.rhoen-klinikum-ag.com matomo.int.insignio.com *.moin.ai *.cookiebot.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com securemessage.rhoen-klinikum-ag.com charts3.equitystory.com app.guide3d.com https://media.video.taxi matomo.int.insignio.com *.moin.ai *.cookiebot.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' securemessage.rhoen-klinikum-ag.com matomo.int.insignio.com *.moin.ai *.cookiebot.com 'report-sample'; style-src 'self' 'unsafe-inline' securemessage.rhoen-klinikum-ag.com matomo.int.insignio.com *.moin.ai *.cookiebot.com 'report-sample'; font-src 'self' data: securemessage.rhoen-klinikum-ag.com matomo.int.in