indexo.dev

thomannmusic.com

.com crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 400 ms crawled 2026-06-02

DE · 212.204.75.160 · AS8767 M-net Telekommunikations GmbH

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Buy musical instruments online from the market leader – United States
Description
Buy your new musical instrument and accessories online from Europe's largest music retailer. Top quality and variety at Thomann.
Language
en
Canonical
https://www.thomannmusic.com
Translations
  • en ×7
  • de ×3
  • fr ×2
  • cs
  • da
  • es
  • fi
  • hu
  • it
  • nl
  • pl
  • pt
  • ro
  • sv

Open Graph

url
https://www.thomannmusic.com
title
Thomann - Welcome Home!
locale
en_GB
site name
Musikhaus Thomann
description
Browse our huge range of musical instruments, studio, lighting, and PA equipment at Europe's largest music retailer. We have the hottest brands, affordable alternatives and many free resources for musicians.

Technology

CDN
Cloudflare
CMS
Gatsby
Analytics
  • Google Tag Manager
Third-party hosts loaded (20)
  • fast-images.static-thomann.de×141
  • thumbs.static-thomann.de×24
  • www.thomann.de×7
  • images.static-thomann.de×2
  • www.googletagmanager.com×1
  • www.thomann.ae×1
  • www.thomann.at×1
  • www.thomann.co.uk×1
  • www.thomann.dk×1
  • www.thomann.es×1
  • www.thomann.fr×1
  • www.thomann.it×1
  • www.thomann.nl×1
  • www.thomann.pl×1
  • www.thomann.pt×1
  • www.thomann.ro×1
  • www.thomann.se×1
  • www.thomannmusic.ch×1
  • www.thomannmusic.hu×1
  • www.thomannmusic.no×1

Social

Registration

Registrar
InterNetX GmbH
Created
2000-07-11
Expires
2026-07-11 37 days left
Updated
2026-04-13
Name servers
  • a.ns14.net
  • b.ns14.net
  • c.ns14.net
  • d.ns14.net

DNS records live

NS
  • a.ns14.net
  • b.ns14.net
  • c.ns14.net
  • d.ns14.net
Verified for
  • Meta

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

RapidSSL TLS RSA CA G1
from 2026-02-09 to 2027-03-03
Expires in 272 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.thomannmusic.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.thomannmusic.com *.thomann.de app.storyblok.com connect.facebook.net analytics.tiktok.com *.adform.net www.google-analytics.com sc-static.net s.pinimg.com www.youtube.com challenges.cloudflare.com *.payments-amazon.com www.googleadservices.com userlike-cdn-umm.b-cdn.net bat.bing.com www.googletagmanager.com www.googletagservices.com tr.snapchat.com ct.pinterest.com js.appboycdn.com *.g.doubleclick.net widgets.trustedshops.com tpc.googlesyndication.com *.clarity.ms cdn.avo.app maps.googleapis.com pagead2.googlesyndication.com ep2.adtrafficquality.google www.paypal.com; frame-src 'self' *.thomannmusic.com *.thomann.de *.g.doubleclick.net *.safeframe.googlesyndication.com challenges.cloudflare.com ct.pinterest.com td.doubleclick.net tpc.googlesyndication.com tr.snapchat.com www.facebook.com www.google.com www.youtube-nocookie.com www.googletagmanager.com ep2.adtrafficquality.google www.paypal.com; frame-ancestors 'self' app.storyblok.com;

Links to (8)

Linked from (1)