bikezeit.de

.de crawl

First seen 2026-04-24 · Last seen 2026-05-18 · ok HTTP/1.1 200 15621 ms crawled 2026-05-18

FI · 37.27.136.50 · AS24940 Hetzner Online GmbH

Reputation 87/100 weak security headers no dmarc policy

Classifying

HTML metadata

Title: Fahrräder | e-Bikes | Zubehör
Language: de

Technology

Server: nginx
CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×2

Social

Contact

Email

webshop@bikezeit.de

Phone

+499401913870

Registration

Updated

2025-08-06

Name servers

nsa3.schlundtech.de.
nsb3.schlundtech.de.
nsc3.schlundtech.de.
nsd3.schlundtech.de.

DNS records live

NS

nsa3.schlundtech.de
nsb3.schlundtech.de
nsc3.schlundtech.de
nsd3.schlundtech.de

MX

10 die-radiologen.in.tmes.trendmicro.eu

TXT

v=DMARC1;p=reject;pct=100;rua=mailto:edv@bikezeit.de;ruf=mailto:edv@bikezeit.de;adkim=r;aspf=r
tmes=b9dbc652847856bed3c8f0ad58ba8b7f

Verified for

Microsoft 365

Email authentication weak

SPF

v=spf1 ip4:87.138.88.183/32 include:spf.tmes.trendmicro.eu include:spf.protection.outlook.com -all

strict (-all)

DMARC

not published

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEZ3RIA63vDLJHdpzt1Rmic2PHq5E15qXi37HzbG8bg1ohntfKGB0oDO7yIOccli+gbXk2TFE5kmYH…

selectors probed

Certificate (current)

R12

from 2026-04-06 to 2026-07-05

Expires in 45 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.bikezeit.de/

present

content-security-policy-report-only
x-frame-options
x-content-type-options

findings

missing HSTS
missing Content Security Policy
weak frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
content-security-policy-report-only: font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com *.cloudflare.com *.twitter.com *.google.com *.google.co.in *.facebook.com *.twimg.com *.trustedshops.com *.googleapis.com *.bootstrapcdn.com https://fonts.bunny.net 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.twitter.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflow

Links to (1)

facebook.com×2

Linked from (1)

vkm-regensburg.de×2