indexo.dev

profikarstensen.de

.de crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 6328 ms crawled 2026-05-15

DE · 20.113.89.25 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

sector b2b services type homepage

HTML metadata

Title
Karstensen – Ihr starker Partner im Baustoffhandel
Description
Exzellentes und vielfältiges Sortiment in Niebüll & Keitum bei Karstensen
Language
de
Canonical
https://app-team-web-prod-sub-karstensen-yellow-hweyf2c7eecsewbf.germanywestcentral-01.azurewebsites.net//

Technology

CMS
Next.js
Cookie consent
  • Usercentrics

Third-party hosts loaded (5)

  • assets.team.de×19
  • a.storyblok.com×5
  • app-team-web-prod-sub-karstensen-yellow-hweyf2c7eecsewbf.germanywestcentral-01.azurewebsites.net×1
  • app.usercentrics.eu×1
  • privacy-proxy.usercentrics.eu×1

Social

Registration

Updated
2024-10-17
Name servers
  • nsa7.schlundtech.de.
  • nsb7.schlundtech.de.
  • nsc7.schlundtech.de.
  • nsd7.schlundtech.de.

DNS records live

NS
  • nsa7.schlundtech.de
  • nsb7.schlundtech.de
  • nsc7.schlundtech.de
  • nsd7.schlundtech.de
MX
  • 10 mx1.agenturserver.de
  • 20 mx2.agenturserver.de
TXT
  • heyhack-verification=ccfe0310-1036-4ad2-8529-a3de95954aed
  • _globalsign-domain-verification=-c7DEp_GX0KClcB_A_6a1nvPqtPIUARz2zM9hCnBFV
  • _globalsign-domain-verification=8RYG03ywCdNreiKrl6e0jThDnEU8EbBt7Tl9btg0ls

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

GlobalSign GCC R6 AlphaSSL CA 2025
from 2025-12-02 to 2027-01-03
Expires in 229 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.profikarstensen.de/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com marketing.velux.de; img-src * data:; font-src 'self' fonts.gstatic.com marketing.velux.de data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com *.matomo.cloud *.usercentrics.eu *.youtube.com app.storyblok.com maps.googleapis.com marketing.velux.de blob:; worker-src 'self' blob:; connect-src *; frame-src www.google.com ipaper.ipapercms.dk *.outlook.com *.visuscreen.de www.tankpool24.eu bsl-online.de www.youtube-nocookie.com solarrechner.eturnity.io; frame-ancestors 'self' https://app.storyblok.com;
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (1)