objekt-online.de — domain check, WHOIS, DNS & reputation

HTML metadata

Title: objekt-online.de ist das Branchenportal für Boden, Wand, Fenster, Bodenbeläge, Farben, Tapeten, Sonnenschutz und vieles mehr. - Objekt Online
Description: objekt-online.de ist das Branchenportal für Boden, Wand, Fenster, Bodenbeläge, Farben, Tapeten, Sonnenschutz und vieles mehr.
Language: de
Generator: TYPO3 CMS
Canonical: https://www.objekt-online.de/

Open Graph

title: Branchenportal für Bodenbeläge, Tapeten, Farbe, Sonnenschutz und Heimtextilien
site name: Objekt Online
description: objekt-online.de ist das Branchenportal für Boden, Wand, Fenster, Bodenbeläge, Farben, Tapeten, Sonnenschutz und vieles mehr.

Technology

Server: Apache
CMS: Gatsby

Social

Registration

Updated

2020-07-29

Name servers

ns1.makolan.net.
ns2.makolan.net.
ns3.makolan.net.

DNS records live

NS

ns1.makolan.net
ns2.makolan.net
ns3.makolan.net

MX

0 objektonline-de01e.mail.protection.outlook.com

Email authentication weak

SPF: v=spf1 include:spf.protection.outlook.com ip4:212.110.119.0/24 ip4:195.62.104.176/29 -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-04-18 to 2026-07-17

Expires in 47 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.objekt-online.de/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.facebook.net *.dynamics.com; script-src 'self' data: https://*.openstreetmap.org 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.facebook.net 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.openstreetmap.org *.objekt-online.de *.googletagmanager.com *.google-analytics.com *.facebook.net *.facebook.com *.cloudfront.net maps.google.com *.addevent.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com *.googletagmanager.com; connect-src 'self' data: https://*.openstreetmap.org *.google-analytics.com *.doubleclick.net *.facebook.net *.dynamics.com *.sockjs.pusher.com *.facebook.com *.westeurope.logic.azure.com; font-src 'self' *.facebook.net *.dynamics.com data: *.gstatic.com; style-src 'self' *.facebook.net *.dynamics.com 'unsafe-inline' *.googleapis.com 'report-sample'; worker-src blob: 'report-sample'; report-uri https://www.objek
strict-transport-security: max-age=31536000
content-security-policy-report-only: default-src 'self' *.facebook.net *.dynamics.com; script-src 'self' data: https://*.openstreetmap.org 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.facebook.net 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.openstreetmap.org *.objekt-online.de *.googletagmanager.com *.google-analytics.com *.facebook.net *.facebook.com *.cloudfront.net maps.google.com *.addevent.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com *.googletagmanager.com; connect-src 'self' data: https://*.openstreetmap.org *.google-analytics.com *.doubleclick.net *.facebook.net *.dynamics.com *.sockjs.pusher.com *.facebook.com *.westeurope.logic.azure.com; font-src 'self' *.facebook.net *.dynamics.com data: *.gstatic.com; style-src 'self' *.facebook.net *.dynamics.com 'unsafe-inline' *.googleapis.com 'report-sample'; worker-src blob: 'report-sample'; report-uri https://www.objek

Links to (3)

Linked from (1)

flooright.ch×1