baywa-baumarkt.de

.de crawl

First seen 2026-04-14 · Last seen 2026-05-15 · ok HTTP/1.1 200 3004 ms crawled 2026-05-08

DE · 83.138.60.103 · AS8422 NetCologne Gesellschaft fur Telekommunikation mbH

Reputation 100/100

Classifying

HTML metadata

Title: BayWa Bau & Garten: Ihr Online-Shop für Haus & Heimwerken
Description: Große Vielfallt ✓ mehr als 100.000 Produkte ✓ Top Beratung & Servie | BayWa Bau & Garten
Language: de-DE
Canonical: https://www.baywa-baumarkt.de/

Open Graph

url: https://www.baywa-baumarkt.de/
title: BayWa Bau & Garten: Ihr Online-Shop für Haus & Heimwerken
site name: BayWa Bau- & Gartenmärkte GmbH & Co. KG
description: Große Vielfallt ✓ mehr als 100.000 Produkte ✓ Top Beratung & Servie | BayWa Bau & Garten

Technology

Server: nginx

Cookie consent

Usercentrics

Third-party hosts loaded (4)

cdn.hellweg.digital×66
web.cmp.usercentrics.eu×4
privacy-proxy.usercentrics.eu×3
api.usercentrics.eu×2

Social

Registration

Updated

2016-03-11

Name servers

a.ns14.net.
b.ns14.net.
c.ns14.net.
d.ns14.net.

DNS records live

NS

a.ns14.net
b.ns14.net
c.ns14.net
d.ns14.net

MX

10 mx-in01.eu.retarus.com
10 mx-in02.eu.retarus.com

TXT

atlassian-sending-domain-verification=2c6d1b21-8801-4f06-af22-8a9abfe5df2b
atlassian-domain-verification=aPsIrEVlGTfVHTEuH8mirSNfoe7XCL5GYOKvfalJMMhRCAN815AoYO3wuSoIJky1
MS=ms34638502

Email authentication strong

SPF

v=spf1 ip4:145.253.78.114 a:smtp.twt.net a:smtp.twt.services mx a include:_spf.atlassian.net include:spf.protection.outlook.com include:_spf.on.services -all

strict (-all)

DMARC

v=DMARC1; p=reject; adkim=r; aspf=r; rua=mailto:mailauth-reports@baywa-baumarkt.de;

policy: reject (enforced)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAUFgVn+0E/zYXYPJVBGgYJeyjQpSLbhIqUIj9y8ntfXmBTwrvzBI9lAiyjihfnXu7nHDtdu5EmN4akd/H…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAungUwEBxY27bD5ZdPyfHRfyJUjwyWmgt4nyLpKEojcfhyKlvg0kll2johGvm4eJ/4HLYEuUG1iDYSCx7fh…

selectors probed

Certificate (current)

Thawte TLS RSA CA G1

from 2025-10-06 to 2026-11-04

Expires in 168 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.baywa-baumarkt.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: Allow-From file:///android_asset/www/index.html
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.hellweg.digital applepay.cdn-apple.com *.chatvisor.com *.clic2buy.com *.dynamicyield.com *.ecn-ldr.de *.econda-monitor.de *.facebook.net *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.hellweg.test hibitaro.de *.hibitaro.de *.idealo-partner.com *.jsdelivr.net *.loadbee.com *.payments-amazon.com *.paypal.com *.paypalobjects.com js.braintreegateway.com assets.braintreegateway.com *.pay1.de *.searchhub.io *.tp-de.net *.trustedshops.com integrations.etrusted.com *.usercentrics.eu; frame-src *.econda-monitor.de *.google.com *.googletagmanager.com *.dynamicyield.com applepay.cdn-apple.com *.hellweg.test hibitaro.de *.hibitaro.de *.idealo-partner.com *.loadbee.com *.paypal.com *.cardinalcommerce.com assets.braintreegateway.com secure.pay1.de *.tp-de.net *.usercentrics.eu *.youtube.com *.youtube-nocookie.com;
strict-transport-security: max-age=31536000; includeSubDomains