indexo.dev

blond-shop.de

.de crawl

First seen 2026-04-25 · Last seen 2026-04-25 · ok HTTP/1.1 200 575 ms crawled 2026-05-19

US · 64.239.109.1 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Blond | Offizieller Shop für Tickets & Merch
Description
Eintrittskarten für Konzerte & Merch direkt aus dem offiziellen Blond Shop: Da muss man dabei gewesen sein - Der Podcast - Tour 2026 Tickets, T-Shirts, Vinyls & mehr
Language
de
Canonical
https://blond-shop.de
Translations
  • de
  • en

Open Graph

url
https://blond-shop.de
title
Blond | Offizieller Shop für Tickets & Merch
locale
de
site name
Blond | Offizieller Shop
description
Eintrittskarten für Konzerte & Merch direkt aus dem offiziellen Blond Shop: Da muss man dabei gewesen sein - Der Podcast - Tour 2026 Tickets, T-Shirts, Vinyls & mehr

Technology

CDN
Vercel
CMS
Next.js

Third-party hosts loaded (2)

  • assets.krasserstoff.com×60
  • cdn.krasserstoff.com×2

Social

Registration

Updated
2025-02-26
Name servers
  • elle.ns.cloudflare.com.
  • elliot.ns.cloudflare.com.

DNS records live

NS
  • elle.ns.cloudflare.com
  • elliot.ns.cloudflare.com
TXT
  • google-site-verification=-fRGmaOSJFcpw5O2i_k5P-HJC8NiE3lFFzT9y-XVduA

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-05-02 to 2026-07-31
Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://blond-shop.de/

present
  • strict-transport-security
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing Content Security Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=(), usb=(), bluetooth=(), midi=(), magnetometer=(), accelerometer=(), gyroscope=(), payment=(self "https://js.stripe.com"), fullscreen=(self)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' js.stripe.com *.js.stripe.com *.paypal.com *.paypalobjects.com connect.facebook.net cdn.eye-able.com www.googletagmanager.com googleads.g.doubleclick.net vercel.live gtm.krasserstoff.com analytics.tiktok.com; style-src 'self' 'unsafe-inline' *.paypal.com cdn.eye-able.com vercel.live; img-src 'self' data: blob: *.krasserstoff.com krasserstoff.com krasserstoff-irl.s3.eu-west-1.amazonaws.com *.stripe.com *.paypal.com *.paypalobjects.com www.facebook.com www.googletagmanager.com vercel.live vercel.com region1.analytics.google.com analytics.google.com www.google.de www.google.com www.google.at www.google.ch cdn.eye-able.com googleads.g.doubleclick.net connect.facebook.net stats.g.doubleclick.net; font-src 'self' cdn.eye-able.com vercel.live assets.vercel.com; connect-src 'self' *.krasserstoff.com krasserstoff.com *.stripe.com *.paypal.com connect.facebook.net graph.facebook.com www.facebook.com google-analytics.com analytics.google.com r

Links to (4)

Linked from (1)