indexo.dev

bauernzeitung.at

.at crawl

First seen 2026-05-21 · Last seen 2026-06-01 · ok HTTP/1.1 200 2175 ms crawled 2026-05-27

US · 104.21.45.222 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
BauernZeitung - Start
Description
Die Online-Plattform für den ländlichen Raum
Language
de
Canonical
https://bauernzeitung.at/

Open Graph

title
BauernZeitung
description
Die Online-Plattform für den ländlichen Raum

Technology

CDN
Cloudflare
CMS
Nuxt

Third-party hosts loaded (1)

  • a.storyblok.com×52

Social

DNS records live

NS
  • cora.ns.cloudflare.com
  • lou.ns.cloudflare.com
MX
  • 10 d326828.a.ess.de.barracudanetworks.com
  • 20 d326828.b.ess.de.barracudanetworks.com
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:spf.ess.de.barracudanetworks.com include:_spf.media-data.at ip4:213.47.210.120/29 -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38jxRca46iLk9502XZ5mYndN2YR8aaRGSJssPbskBhj3RBUR2p9tEzrqVbsO2/pkz1shYQpUVKD1VXjNtA…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/O8xKjXzvy/SL5LOr71+aCFtlHJWFtOE8G6+8jmkR1pw6fvWSYDLMH4OK13730YdMJDEB+K93su6Sw++/…
selectors probed

Certificate (current)

WE1
from 2026-05-01 to 2026-07-30
Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://bauernzeitung.at/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
no-referrer
permissions-policy
camera=(), display-capture=(), fullscreen=(*), geolocation=(self), microphone=()
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; font-src 'self' https: data:; form-action 'self'; img-src 'self' data: *.storyblok.com blob: *.your-objectstorage.com *.cookiefirst.com; object-src 'none'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' *.storyblok.com *.cloudflare.com *.cookiefirst.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.storyblok.com *.cloudflare.com *.cookiefirst.com *.jsdelivr.net; upgrade-insecure-requests; default-src 'self' *.storyblok.com; connect-src 'self' *.storyblok.com *.cloudflare.com *.algolia.net *.algolianet.com *.algolia.io *.algolia.com cdn.jsdelivr.net unpkg.com preise.agrarforschung.at *.cookiefirst.com; frame-src self *.cloudflare.com *.openstreetmap.org *.fsn1.your-objectstorage.com *.youtube.com open.spotify.com;
strict-transport-security
max-age=15552000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Links to (3)

Linked from (3)