bahlsen.com

HTML metadata

Title: Welcome to the Bahlsen website | Bahlsen
Description: Bahlsen has been producing high-quality pastries for over 130 years. Discover our delicate cookies, wafers and special editions.
Language: en

Open Graph

url: https://www.bahlsen.com/
title: Welcome to the Bahlsen website | Bahlsen
site name: Bahlsen
description: Bahlsen has been producing high-quality pastries for over 130 years. Discover our delicate cookies, wafers and special editions.

Technology

CDN: Vercel
CMS: Next.js

Contact

Address: st for you.imprintterms of useprivacy policy©2026

Registration

Registrar

COREhub, S.R.L.

Created

1996-03-04

Expires

2027-03-05 289 days left

Updated

2026-03-06

Name servers

ns1.lemarit.de
ns1.lemarit.net
ns2.lemarit.de
ns2.lemarit.net
ns3.lemarit.de

DNS records live

NS

ns1.lemarit.de
ns1.lemarit.net
ns2.lemarit.de
ns2.lemarit.net
ns3.lemarit.de

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 9 TXT records

canva-site-verification=_FAP7gXekxVK4P6uzma83g
198f15e121d846ff0dfb87788be5bb6320435afd175c8ec998ab7c7cab33aec2
fbqvchhfkxvgvtsv0t362467j0lllq03
google-site-verification=MwakR9K5DYX2-2oKX2y6nvJitOzxGf4GL2vhZrborlY
google-site-verification=C2xxSVdw96hPfIDAAJaCGiCmqgx13X6cz84mbOIWhM8
google-site-verification=EfspXS1WYwrQbu06IPQBvJCShfkQkWXm4cK1RQ3uSbo
google-site-verification=K-yZgDRYe-awIr95EfVUuNhR0CPrwPwxuLAnbPgW0hQ
MS=ms28260123
adobe-idp-site-verification=a063c990c751fcb628257b59bc7b20c67ab47328b3972baa9d0a4532fd251d0c

Email authentication partial

SPF

v=spf1 ip4:87.253.236.32 ip4:87.253.236.169 include:servers.mcsv.net include:_spf.google.com include:spf.chemmedia.de include:_spf.rexx-suite.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc.rua@bahlsen.com;

policy: none (monitoring only)

DKIM

k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…

selectors probed

Certificate (current)

R13

from 2026-04-09 to 2026-07-08

Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bahlsen.com/welcome/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: camera=(), microphone=(), geolocation=(self "https://shelfsmartdata.com"), payment=(), usb=(), magnetometer=(), gyroscope=(self "https://api.friendlycaptcha.com" "https://global.frcapi.com"), accelerometer=(self "https://api.friendlycaptcha.com" "https://global.frcapi.com"), autoplay=(self), encrypted-media=(), fullscreen=(self), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://wa.bahlsen.io https://vercel.live https://app.storyblok.com https://cdn.jsdelivr.net https://www.youtube.com; style-src 'self' 'unsafe-inline' https://vercel.live; img-src 'self' https://a.storyblok.com https://vercel.com; font-src 'self' https://vercel.live; object-src https://a.storyblok.com https://www.youtube.com; base-uri 'self'; form-action 'self'; connect-src 'self' https://vercel.live https://www.youtube.com https://wa.bahlsen.io wss://ws-us3.pusher.com https://sockjs-us3.pusher.com https://api.friendlycaptcha.com https://global.frcapi.com; frame-ancestors https://app.storyblok.com https://vercel.live; frame-src https://vercel.live https://shelfsmartdata.com/ https://global.frcapi.com https://api.friendlycaptcha.com https://www.youtube.com; upgrade-insecure-requests; media-src 'self' https://a.storyblok.com;
strict-transport-security: max-age=63072000

Links to (2)

leibniz.com×3
pickup.de×3