indexo.dev

saartoto.de

.de crawl

First seen 2026-04-15 · Last seen 2026-05-16 · ok HTTP/1.1 200 1358 ms crawled 2026-05-11

DE · 62.159.142.140 · AS3320 Deutsche Telekom AG

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Lotto online spielen auf saartoto.de
Description
Online tippen auf LOTTO, Eurojackpot, KENO und vieles mehr. Alle Infos zu Lotterien, Gewinnzahlen, Jackpots und alles Wissenswerte aus der LOTTO-Welt.
Language
de
Canonical
https://www.saartoto.de/

Open Graph

url
https://www.saartoto.de/

Technology

CMS
Gatsby

Third-party hosts loaded (3)

  • cdn.jsdelivr.net×1
  • code.etracker.com×1
  • widget.moin.ai×1

Social

Contact

Phone

Registration

Updated
2019-10-31
Name servers
  • ns1.teresto.net.
  • ns2.teresto.net.
  • ns3.teresto.net.
  • ns4.teresto.net.

DNS records live

NS
  • ns1.teresto.net
  • ns2.teresto.net
  • ns3.teresto.net
  • ns4.teresto.net
MX
  • 30 spam1.infoserve.de
  • 30 spam2.infoserve.de
TXT
Show 4 TXT records
  • apple-domain-verification=89LRulipnqjFooLD
  • QuoVadis=4d035b40-69c7-4560-a6ab-1bff9a63f287
  • MS=16093803E5AECF36512369291C932934E9F5AA43
  • facebook-domain-verification=6ac7bjet4umgkq0qfh815qq8rshbkc

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:_spf.infoserve.de a:ils-mgw1.lotto-berlin.de a:ils-mgw2.lotto-berlin.de a:tils-mgw1.lotto-berlin.de a:tils-mgw2.lotto-berlin.de a:mail.ltg-hessen.de a:mail2.ltg-hessen.de -all
strict (-all)
DMARC
not published
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsjXVIEbPqfCXcadFI9+o8/aJo5fTA/OP0l6w0GvbvxHt3hFC3XdBav8uLF/k8JN/z7kzHkScXo80a9YXhoA…
selectors probed

Certificate (current)

Entrust EV TLS Issuing RSA CA 2
from 2025-06-05 to 2026-07-06
Expires in 48 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.saartoto.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=*,autoplay=*,camera=*,clipboard-read=*,clipboard-write=*,cross-origin-isolated=*,display-capture=*,document-domain=*,encrypted-media=*,fullscreen=*,geolocation=*,gyroscope=*,hid=*,idle-detection=*,keyboard-map=*,magnetometer=*,microphone=*,midi=*,payment=*,picture-in-picture=*,publickey-credentials-get=*,screen-wake-lock=*,serial=*,speaker-selection=*,sync-xhr=*,usb=*,web-share=*,xr-spatial-tracking=*
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https://cdn.jsdelivr.net/npm/; connect-src *; img-src * data: blob:; frame-src *; style-src * 'unsafe-inline'; worker-src * blob:; child-src blob:;
strict-transport-security
max-age=63072000; includeSubDomains

Links to (10)

Linked from (10)