indexo.dev

lotterien.at

.at crawl dns

First seen 2026-05-19 · Last seen 2026-05-31 · ok HTTP/1.1 200 4107 ms crawled 2026-05-30

US · 159.60.132.236 · AS35280 F5 Networks SARL

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Österreichische Lotterien » Spiele, Gewinnabfragen & mehr
Description
Entdecken Sie die Welt der Österreichischen Lotterien ➜ offizielle Website ✓ alle Lotteriespiele ✓ Ziehungen ✓ Gewinnabfragen ✓ u.v.m.
Language
de
Generator
TYPO3 CMS

Technology

Server
volt-adc
Cookie consent
  • Usercentrics

Third-party hosts loaded (1)

  • app.usercentrics.eu×1

Social

Contact

Address
Rennweg 44, 1038, Wien, AT

DNS records live

NS
  • ns1.f5clouddns.com
  • ns2.f5clouddns.com
MX
  • 10 lotterien-at.mail.protection.outlook.com
TXT
Show 7 TXT records
  • JyqHrLdbiMWDlbXS9ilz1jiYqBsb3ULZ8asyMQjK3P8HtyO7EmOp4y26RirYbY3w9tL8MT/uwycGaEhq6nP7uA==
  • cywetadns-domain-verification=4a7d2b4ffe3890f93e7dc6e063d68d45
  • 3qhwr7wgn1tpnm0msk9yv9pblvvv9qdl
  • MS471746
  • atlassian-sending-domain-verification=014e52c5-3578-468a-8b51-aebe75dc0b27
  • duo_sso_verification=OJC8ImpTLECqPnOG6tuFCChfwNI5aL4scEiwkP5gJzmRveTA2UjVJMJRhF9Y1r8Q
  • heyhack-verification=fd8a79e2-57de-45ce-acc6-726ede1d66d4
Verified for
  • Atlassian
  • Figma
  • Google
  • HackerOne
  • Meta
  • Microsoft 365
  • Miro

Email authentication strong

SPF
v=spf1 mx ip4:193.46.41.0/24 ip4:193.46.42.0/24 include:spf.protection.outlook.com include:_spf-dc55.sapsf.eu -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarcreport@lotterien.at; ruf=mailto:dmarcforensicreport@lotterien.at
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp9Hl5ZKq3GbpC6yHHgOZM4ExIb8vkV6uhVbTVxDDBbO6po8xp2K4+79RVl0G0g90g8YSzSaKaVCwZo2wvFp…
selectors probed

Certificate (current)

YE2
from 2026-05-29 to 2026-08-27
Expires in 87 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.lotterien.at/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' www.lotterien.at; script-src 'self' *.lotterien.at https://*.usercentrics.eu www.googletagmanager.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.usercentrics.eu https://*.gstatic.com https://maps.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://*.facebook.com https://sp.tinymce.com/ *.lotterien.at *.google-analytics.com a.storyblok.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https://www.linkedin.com https://www.instagram.com https://www.facebook.com; style-src-elem 'self' 'unsafe-inline' hello.myfonts.net *.googleapis.com *.kaspersky-labs.com *.adform.net 'report-sample'; font-src 'self' www.lotterien.at https://fonts.gstatic.com; script-src-elem 'self' *.lotterien.at www.googletagmanager.com https://www.gstatic.com https://*.googleapis.com https://*.google-analytics.com https

Links to (7)

Linked from (20)