indexo.dev

lottomv.de

.de crawl

First seen 2026-04-15 · Last seen 2026-05-14 · ok HTTP/1.1 200 2104 ms crawled 2026-05-10

DE · 62.159.142.142 · AS3320 Deutsche Telekom AG

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
LOTTO online spielen - sicher & seriös - lottomv.de
Description
6aus49, Eurojackpot, GlücksSpirale, KENO für zu Hause und unterwegs. Einfach und bequem Tipp abgeben. Ab 18! Zum Spielschein
Language
de
Canonical
https://www.lottomv.de/

Open Graph

url
https://www.lottomv.de/
title
LOTTO online spielen - sicher & seriös - lottomv.de
description
6aus49, Eurojackpot, GlücksSpirale, KENO für zu Hause und unterwegs. Einfach und bequem Tipp abgeben. Ab 18! Zum Spielschein

Technology

CMS
Gatsby

Third-party hosts loaded (3)

  • cdn.jsdelivr.net×1
  • code.etracker.com×1
  • widget.moin.ai×1

Social

Registration

Updated
2020-07-06
Name servers
  • docks14.rzone.de.
  • shades12.rzone.de.

DNS records live

NS
  • docks14.rzone.de
  • shades12.rzone.de
MX
  • 10 mail.lottomv.de
TXT
Show 5 TXT records
  • google-site-verification=goGM4SSmVQHFuMuCo-f4JWkLapxmvtH1Sj0FITE0UTQ
  • swisssign-check=ga7hc2qqKN7mkvJ8vm_z9fRnJEs
  • apple-domain-verification=kYns8EoOL8VurT9s
  • google-site-verification=U6s4x1xAkDx-c__A6P94e-l14rGqXUk2zCgonwmfCmk
  • MS=ms30632076

Email authentication weak

SPF
v=spf1 ip4:213.146.67.235/32 ip4:194.25.222.192/28 ip4:62.225.151.192/28 ip4:79.140.178.82/32 -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

GeoTrust EV RSA CA G2
from 2025-12-01 to 2026-08-24
Expires in 97 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.lottomv.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=*,autoplay=*,camera=*,clipboard-read=*,clipboard-write=*,cross-origin-isolated=*,display-capture=*,document-domain=*,encrypted-media=*,fullscreen=*,geolocation=*,gyroscope=*,hid=*,idle-detection=*,keyboard-map=*,magnetometer=*,microphone=*,midi=*,payment=*,picture-in-picture=*,publickey-credentials-get=*,screen-wake-lock=*,serial=*,speaker-selection=*,sync-xhr=*,usb=*,web-share=*,xr-spatial-tracking=*
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https://cdn.jsdelivr.net/npm/; connect-src *; img-src * data: blob:; frame-src *; style-src * 'unsafe-inline'; worker-src * blob:; child-src blob:;
strict-transport-security
max-age=63072000; includeSubDomains

Links to (9)

Linked from (5)