indexo.dev

vitbikes.de

.de crawl

First seen 2026-04-23 · Last seen 2026-05-17 · ok HTTP/1.1 200 2798 ms crawled 2026-05-17

US · 104.26.14.75 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
vit:bikes - Fahrrad - E-Bikes
Description
vit:bikes - Fahrrad - E-Bikes
Language
de
Generator
CS Designer 2
Canonical
https://vitbikes.de/

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
  • Google Tag Manager

Third-party hosts loaded (5)

  • vit.mh-cf.de×15
  • static.cloudflareinsights.com×1
  • unpkg.com×1
  • widgets.trustedshops.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Updated
2026-03-24
Name servers
  • dante.ns.cloudflare.com.
  • shaz.ns.cloudflare.com.

DNS records live

NS
  • dante.ns.cloudflare.com
  • shaz.ns.cloudflare.com
MX
  • 0 vitbikes-de.mail.protection.outlook.com
TXT
Show 5 TXT records
  • google-site-verification=u8GS69RI30r6Vm6nUT6HsYUahM0foOtlfzsNujhPp2g
  • tiktok-developers-site-verification=NTWE5bxE3o26Q8mMWpfsgs1Jgedm3Gd4
  • anthropic-domain-verification-jnxqd6=ZVfhtPUgn7Rwfxk5nKa4eJBhV
  • asv=8e8df3de199f4851efbb95a9f100a5bf
  • brevo-code:cd2eb07e348591d5310ac76f5d0b4bdd

Email authentication strong

SPF
v=spf1 a mx ip4:52.157.149.216 include:spf.protection.outlook.com include:spf.zoho.eu include:eu.transmail.net include:7347728.spf06.hubspotemail.net ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; sp=none; rua=mailto:931125b7e3704adf87258a78152cafdc@dmarc-reports.cloudflare.net,mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400
policy: quarantine · sp=none
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

WE1
from 2026-03-19 to 2026-06-17
Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://vitbikes.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
microphone=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (2)