indexo.dev

playmobil.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 1447 ms crawled 2026-05-19

DE · 62.91.41.42 · AS20686 Bisping & Bisping GmbH & Co KG

Reputation 100/100

Classifying

HTML metadata

Title
PLAYMOBIL® Deutschland
Description
Willkommen bei PLAYMOBIL®! Entdecke alle Produkte, Ergänzungen & Zubehör undfantastische Themenseiten.
Language
de-DE
Canonical
https://www.playmobil.com/de-de/
Translations
  • fr ×4
  • de ×3
  • en ×3
  • es ×2
  • nl ×2
  • da
  • el
  • hu
  • it
  • pl
  • pt
  • sv

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights

Third-party hosts loaded (4)

  • cdn.eye-able.com×2
  • access.eye-able.com×1
  • cdn.cquotient.com×1
  • static.cloudflareinsights.com×1

Social

Registration

Registrar
InterNetX GmbH
Created
1997-07-26
Expires
2026-07-25 65 days left
Updated
2025-07-26
Name servers
  • ns.bisping.de
  • ns2.bisping.de
  • ns3.bisping.de

DNS records live

NS
  • ns.bisping.de
  • ns2.bisping.de
  • ns3.bisping.de
MX
  • 10 mxa-006eac01.gslb.pphosted.com
  • 10 mxb-006eac01.gslb.pphosted.com
TXT
  • _nfl0x8yb6sxd7ey0s8o5oko35u0sa4q
  • 05nJYD0RZUW+EHOA4g1WV36k9/a9EZaOtliHQsMY1phhfjc33NDHMpsalqgkv5Jb1sYi5y5GftvSuoOAqxgrhg==
Verified for
  • Apple
  • Atlassian
  • Google
  • Meta
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

GeoTrust TLS RSA CA G1
from 2026-03-10 to 2026-09-25
Expires in 127 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.playmobil.com/de-de/

present
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=(), microphone=(), camera=()
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' https:; script-src 'self' https://*.adyen.com https://*.amazon-adsystem.com https://*.bc0a.com https://*.bing.com https://*.cdn-apple.com https://*.clarity.ms https://*.cquotient.com https://*.doubleclick.net https://*.evgnet.com https://*.eye-able.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.hcaptcha.com https://*.igodigital.com https://*.instagram.com https://*.cdninstagram.com https://*.jentis.de https://*.klarna.com https://*.klarnacdn.net https://*.mynewsdesk.com https://*.onetrust.eu https://*.paypal.com https://*.playmobil.com https://*.teads.tv https://*.uc8.tv 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://*.adyen.com https://*.eye-able.com https://*.googleapis.com https://*.hcaptcha.com https://*.jentis.de 'unsafe-inline'; img-src 'self' data: https: blob: https://*.amazon-adsystem.com https://*.bigconten

Links to (5)

Linked from (5)