indexo.dev

joka.at

.at crawl

First seen 2026-05-23 · Last seen 2026-05-31 · ok HTTP/1.1 200 1410 ms crawled 2026-05-28

AT · 85.31.9.58 · AS21013 eww ag

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Designmöbel vom Möbelhersteller aus Österreich - JOKA
Description
JOKA ist Ihr ✦ Designmöbel Hersteller in Österreich und bietet hochwertige Polstermöbel. ➤ Jetzt klicken & unsere Angebote entdecken!
Language
de
Generator
TYPO3 CMS
Canonical
https://www.joka.at/
Translations
  • de
  • en

Open Graph

url
https://www.joka.at/
title
Designmöbel vom Möbelhersteller aus Österreich - JOKA
locale
de_DE.UTF-8
description
JOKA ist Ihr ✦ Designmöbel Hersteller in Österreich und bietet hochwertige Polstermöbel. ➤ Jetzt klicken & unsere Angebote entdecken!

Technology

Server
nginx

Third-party hosts loaded (1)

  • my.treedis.com×1

Social

DNS records live

NS
  • dns1.telekom.at
  • dns2.telekom.at
  • dns3.telekom.at
MX
  • 10 joka-at.mail.protection.outlook.com
TXT
  • offensity-domain-verification=946fc9be2305e71a187a0704bc014b8cff4d583c7e15a24a3c1595dc4f9e23e6
Verified for
  • Meta
  • Microsoft 365

Email authentication weak

SPF
v=spf1 ip4:85.31.9.48/28 ip4:80.122.32.6 include:spf.protection.outlook.com include:spf.crsend.com ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-05-25 to 2026-08-23
Expires in 84 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.joka.at/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' data: *.pinterest.com *.doubleclick.net *.facebook.com *.google.com *.google-analytics.com *.gstatic.com *.googleapis.com *.ggpht.com; img-src 'self' data: *.pinimg.com *.pinterest.com *.combeenation.com *.facebook.net *.facebook.com *.gstatic.com *.google-analytics.com *.googletagmanager.com *.google.com *.google.at *.googleapis.com *.ggpht.com; frame-src 'self' *.charly.rocks *.pinterest.com *.treedis.com *.matterport.com *.combeenation.com *.vimeo.com *.youtube-nocookie.com *.google.com *.ggpht.com *.googlevideo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pinimg.com *.pinterest.com cbnpeuwstservice.blob.core.windows.net *.combeenation.com *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.googleapis.com; style-src 'self' 'unsafe-inline' *.googleapis.com
strict-transport-security
max-age=864000

Links to (4)

Linked from (3)