hartlauer.at

HTML metadata

Title: Hartlauer | Tigern Sie zum Löwen!
Description: Wir sind für Sie da: ✓ 160x in Österreich & im Hartlauer Online Shop ✓ Fotos, Handys, Optik & Hörgeräte ✓ Top Service ► Jetzt mehr erfahren!
Language: de

Open Graph

url: https://www.hartlauer.at/
title: Hartlauer

Technology

CDN: Cloudflare

Analytics

Cloudflare Insights
Google Tag Manager

Cookie consent

OneTrust

Fonts

Google Fonts

Third-party hosts loaded (11)

cdn.cookielaw.org×3
cdn.cquotient.com×2
book.timify.com×1
cdn.evgnet.com×1
cdnjs.cloudflare.com×1
e.cquotient.com×1
fonts.gstatic.com×1
geolocation.onetrust.com×1
maps.googleapis.com×1
static.cloudflareinsights.com×1
www.googletagmanager.com×1

Social

Contact

Phone

+43800311333

DNS records live

NS

dns1.a1.net
dns2.a1.net
dns3.a1.net
ns4.exacttarget.com

MX

10 d310945.a.ess.de.barracudanetworks.com
20 d310945.b.ess.de.barracudanetworks.com

TXT

Show 10 TXT records

canva-site-verification=8eGT9rKfUI-bt8P0o-EUWg
8dabjjpjtaa3h74v654rue01ip
google-site-verification=CHLSrb8yxgaVls5A29g0pWm0yZqjFzQSbVf10O4K5nw
atlassian-domain-verification=UByDBQc8vDLk1EApWR65UhiH3MBjsfqBCQQPwWTZkQPw473oAMJN34uAWD/8RH85
MS=ms61803209
facebook-domain-verification=1wivpze51aoo7ybe9mvjgrceuhjp32
cisco-ci-domain-verification=57f6c76a20ba1d2df60172916d3455a6735e982651519c89944f351d712c94ff
ep9imuj8d6td20i6vtmkoqoqsm
7tr6953lv4542hv9ff6lk9vtd7
google-site-verification=Vk7Re3AdfXBTVMdBazmaKgT7yUG5N4-u7UNAMFcD-5U

Email authentication strong

SPF

v=spf1 ip4:212.166.109.10/32 ip4:193.169.76.0/23 ip4:80.228.117.0/24 ip4:80.120.11.62/32 ip4:83.65.7.70/32 ip4:85.25.89.5/32 ip4:77.75.17.250/32 ip4:80.228.25.75/32 ip4:91.250.95.71/32 ip4:148.139.0.2 ip4:148.139.1.2 include:spf.protection.outlook.de include:_spf.rexx-suite.com include:spf.ess.de.barracudanetworks.com include:spf-westeu.emailsignatures365.com include:_spf.qp-mail.eu include:_spf.salesforce.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarcreport@hartlauer.at; ruf=mailto:dmarcforensicreport@hartlauer.at; fo=1

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsFvjAQtvkpxp27J/VFy+uGp/nDCM5v9EIATWA4/aE7Ff7uIxNoZtgXXunxBYh3qm9HWnd3BuUWCDL…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvLfTL7d0TBFPDE3oEkg8y7KNq/Izr413NSkUQ/fGJp9jNn5K3UPcB2IPt0DDWXvMxJuy+E/Huo/aB…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-06-05 to 2026-06-06

Expires in 18 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.hartlauer.at/

present

content-security-policy
x-frame-options
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; frame-src * data:; media-src * 'self' data: https:; img-src * 'self' data: https: blob: https://*.hartlauer.at; connect-src 'self' * 'unsafe-inline' data:; base-uri 'self' 'unsafe-inline' gap:; object-src 'none'; script-src-elem * 'unsafe-inline' cdn.evergage.com; style-src * 'unsafe-inline' cdn.evergage.com; script-src 'self' *.bing.com *.cloudfront.net *.cookielaw.org *.cquotient.com *.evergage.com *.evgnet.com *.facebook.com *.facebook.net *.fittingbox.com *.force.com *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com googleads.g.doubleclick.net *.onetrust.com *.pagestrip.com *.paypal.com *.paypalobjects.com *.salesforce.com *.la1-c1cs-fra.salesforceliveagent.com *.shoeboxonline.com *.timify.com 'unsafe-eval' 'unsafe-inline'; default-src 'self' *.cloudfront.net service.force.com *.force.com cdn.evergage.com *.cquotient.com *.google-analytics.com *.evergage.com *.evgnet.com *.gstatic.com blob:; worker-src blob:;

Links to (7)

Linked from (1)

onlineexpertdays.com×1