indexo.dev

pickup.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 557 ms crawled 2026-05-18

US · 76.76.21.21 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
PiCK UP! Keksriegel
Description
Welcome to PickUp!
Language
en

Open Graph

title
PiCK UP! Keksriegel
site name
Pick UP!
description
Welcome to PickUp!

Technology

CDN
Vercel
CMS
Next.js

Registration

Updated
2011-09-15
Name servers
  • ns1.lemarit.de.
  • ns1.lemarit.net.
  • ns2.lemarit.de.
  • ns2.lemarit.net.
  • ns3.lemarit.de.

DNS records live

NS
  • ns1.lemarit.de
  • ns1.lemarit.net
  • ns2.lemarit.de
  • ns2.lemarit.net
  • ns3.lemarit.de
MX
  • 10 mail1.lemarit.de
  • 10 mail2.lemarit.de
TXT
  • google-site-verification=hJfbLUWgw8uxc4CsSaJ-X7zaNY80hM1Jnsrjzb9kgOs
  • bahlsen-473110-cd.azurewebsites.net

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-16 to 2026-07-15
Expires in 56 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://pickup.de/welcome

present
  • strict-transport-security
  • content-security-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' https://a.storyblok.com https://vercel.live https://wa.bahlsen.io wss://ws-us3.pusher.com https://sockjs-us3.pusher.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://wa.bahlsen.io https://vercel.live https://app.storyblok.com; style-src 'self' 'unsafe-inline' https://vercel.live; img-src 'self' blob: data: https://a.storyblok.com https://wa.bahlsen.io https://vercel.com; font-src 'self' https://vercel.live; object-src 'none'; base-uri 'self'; form-action 'self'; connect-src 'self' https://api.friendlycaptcha.com https://global.frcapi.com https://wa.bahlsen.io; frame-ancestors https://app.storyblok.com; frame-src https://*.friendlycaptcha.com https://*.frcapi.com; upgrade-insecure-requests;
strict-transport-security
max-age=63072000

Links to (2)

Linked from (6)