zlb.de

.de crawl

First seen 2026-04-17 · Last seen 2026-05-17 · ok HTTP/1.1 200 4284 ms crawled 2026-05-12

DE · 157.90.134.14 · AS24940 Hetzner Online GmbH

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Startseite Zentral- und Landesbibliothek Berlin | ZLB

Description

Die Zentral- und Landesbibliothek Berlin verfügt über 3,5 Millionen Medien, bietet Beratung, Lernangebote, Veranstaltungen und vieles mehr.

Language

de-de

Generator

TYPO3 CMS

Canonical

https://www.zlb.de/

Translations

de-de
en-gb

Open Graph

url: https://www.zlb.de/
title: Startseite Zentral- und Landesbibliothek Berlin
image:url: https://www.zlb.de/fileadmin/_processed_/6/a/csm_3-Amerika-Gedenkbibliothek-Innen_19843aff5b.png
site name: ZLB
description: Die Zentral- und Landesbibliothek Berlin verfügt über 3,5 Millionen Medien, bietet Beratung, Lernangebote, Veranstaltungen und vieles mehr.

Technology

Server: Apache

Third-party hosts loaded (2)

pretix.eu×2
embed.fundraisingbox.com×1

Social

Contact

Email

Phone

+493090226-401

Address

Blücherplatz 1, D-10961, Berlin

Registration

Updated

2013-08-07

Name servers

a.regfish-ns.net.
b.regfish-ns.net.
c.regfish-ns.net.

DNS records live

NS

a.regfish-ns.net
b.regfish-ns.net
c.regfish-ns.net

MX

10 mx1.verwalt-berlin.de

TXT

google-site-verification=WEwxLnzUF5q-o7CloclhhSaGDDGTU2ExY2LR2nZ7wWQ

Email authentication partial

SPF: v=spf1 a ip4:141.15.0.0/16 ip4:194.15.138.0/23 ip4:130.73.102.219 include:_spf.rexx-suite.com include:spf.crsend.com include:eventis.online include:spf.emailsys.net include:mailserv.regfish.com ~all
softfail (~all)
DMARC: v=DMARC1;p=none
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-05-08 to 2026-08-06

Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.zlb.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
content-security-policy: img-src 'self' *.zlb.de *.voebb.de *.ytimg.com *.vimeocdn.com https://*.genial.ly https://*.genially.com https://*.fundraisingbox.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://reservierung.zlb.de https://pretix.eu https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com matomo.zlb.de pretix.zlb.de *.vimeo.com vimeo.com *.youtube.com https://www.youtube.com https://*.genial.ly https://*.genially.com https://zlb-booking.eventis.online https://*.friendlycaptcha.com https://*.friendlycaptcha.eu https://*.fundraisingbox.com blob:; frame-src zlb.pageflow.io *.google.com *.youtube.com *.canva.com https://www.youtube.com https://www.youtube-nocookie.com *.vimeo.com vimeo.com https://view.genial.ly https://pretix.eu https://*.fundraisingbox.com; connect-src 'self' matomo.zlb.de reservierung.zlb.de pretix.zlb.de https://zlb-booking.eventis.online https://*.googleapis.com *.google.com https://*.gstatic.com https://*.genial.ly h
strict-transport-security: max-age=31536000