indexo.dev

lets-doit.at

.at crawl

First seen 2026-06-02 · Last seen 2026-06-03 · ok HTTP/1.1 200 693 ms crawled 2026-06-02

AT · 80.243.164.114 · AS21013 eww ag

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Fachmarkt für Werkzeug- und Gartenprofis - bei LET'S DOIT
Description
Bei LET'S DOIT findest du ein breites Sortiment: Werkzeuge und Maschinen, Gartengeräte, Arbeitsschutz, Eisenwaren, Farben, Lacke, Griller und Co.
Language
de

Open Graph

title
Fachmarkt für Werkzeug- und Gartenprofis - bei LET'S DOIT
description
Bei LET'S DOIT findest du ein breites Sortiment: Werkzeuge und Maschinen, Gartengeräte, Arbeitsschutz, Eisenwaren, Farben, Lacke, Griller und Co.

Technology

Server
CERN
jQuery
3.2.1 known XSS (<3.5)
Third-party hosts loaded (7)
  • cdnjs.cloudflare.com×5
  • cookieconsent.syreta.com×2
  • maxcdn.bootstrapcdn.com×2
  • apps.bazaarvoice.com×1
  • cdn.by.wonderpush.com×1
  • code.jquery.com×1
  • integrations.etrusted.com×1

Social

DNS records live

NS
  • dns3.itandtel.at
  • dns4.itandtel.at
  • dns5.itandtel.at
  • dns6.itandtel.at
MX
  • 10 letsdoit-at01b.mail.protection.outlook.com
TXT
  • sendinblue-site-verification=7998291
Verified for
  • Cisco
  • Microsoft 365

Email authentication partial

SPF
v=spf1 ip4:80.243.164.100/32 ip4:85.31.19.50/32 a:mailbox.itandtel.at a:newsletter.lets-doit.at include:_spf.itandtel.at include:spf.syreta.com include:spf.protection.outlook.com include:spf.brevo.com -all
strict (-all)
DMARC
v=DMARC1; p=none
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-26 to 2026-08-24
Expires in 81 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://lets-doit.at/

present
  • strict-transport-security
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • missing Content Security Policy
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src 'self'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: blob:; object-src 'none'; base-uri 'self'; manifest-src 'self' https:; media-src 'self' data:; form-action 'self' https:; frame-src 'self' https:; frame-ancestors 'self'; worker-src 'self' blob:; report-uri https://lets-doit.at/ajaxgateway/csp/;

Links to (5)

Linked from (4)