indexo.dev

winwin.at

.at crawl

First seen 2026-05-20 · Last seen 2026-05-28 · ok HTTP/1.1 200 2113 ms crawled 2026-05-27

US · 159.60.132.236 · AS35280 F5 Networks SARL

Reputation 100/100

Classifying

HTML metadata

Title
WINWIN - Hier WIN ich gern | Startseite
Description
Österreichs größte Auswahl an Automatenspielen auf VLTs. WINWIN lädt zum gemütlichen Verweilen und Spielen ein. Entdecke jetzt alle Aktionen und Angebote!
Language
de-AT
Generator
TYPO3 CMS
Canonical
/

Open Graph

image:url
https://www.winwin.at/fileadmin/_processed_/2/d/csm_mehr-als-ein-gewinn-spielbereich-willi_f4e750e4c0.jpg

Technology

Server
volt-adc
Cookie consent
  • Usercentrics

Third-party hosts loaded (1)

  • app.usercentrics.eu×1

Social

Contact

Email
Phone

DNS records live

NS
  • ns1.f5clouddns.com
  • ns2.f5clouddns.com
MX
  • 10 winwin-at.mail.protection.outlook.com
TXT
Show 5 TXT records
  • heyhack-verification=d37e5080-fe58-41a7-a7eb-b00555400597
  • 5UXj/TQIzbFZioouEm3nh1duPErJ1/MsuyFa+of6dDWfiFWw8PRcmeu31jdxr+XJlsHB0NvdyIujIWOePqmmpA==
  • cywetadns-domain-verification=4a7d2b4ffe3890f93e7dc6e063d68d45
  • duo_sso_verification=c8ZIZuXlsAXw4wPXSTB8JYorHEVGgDUm0mofoC9FO4YV1iEng1YcswIrQCrjl2ob
  • 784r4ry1d359zb0v2246tzckwwc5d4lb
Verified for
  • Atlassian
  • Google
  • Microsoft 365
  • Miro

Email authentication strong

SPF
v=spf1 mx include:lotterien.at -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarcreport@winwin.at; ruf=mailto:dmarcforensicreport@winwin.at
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVblD+TH5BfJuJqjs4BObd668pY3+kniYtH0+tj8k/u10sw6271ZIjKXffaL3C9T6Zm0LOeFK3VBTKiEqXmb…
selectors probed

Certificate (current)

E8
from 2026-04-12 to 2026-07-11
Expires in 41 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.winwin.at/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-KSPDS9lCxcMGBr-jOEuxMkS64o8tUVgpp19bCWOaOzRMvy5ncC1Ajw' https://*.usercentrics.eu 'unsafe-eval' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.usercentrics.eu maps.gstatic.com *.googleapis.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com *.winwin.at *.google.com; style-src-elem 'self' 'unsafe-inline' https://fast.fonts.net fonts.googleapis.com 'report-sample'; script-src-elem 'self' https://rgwtfl.winwin.at https://*.usercentrics.eu maps.googleapis.com cdn.jsdelivr.net 'unsafe-inline' 'report-sample'; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.fonts.net 'report-sample'; worker-src 'self' 'nonce-KSPDS9lCxcMGBr-jOEuxMkS64o8tUVgpp19bCWOaOzRMvy5ncC1Ajw' https://*.usercentrics.eu 'unsafe-eval' blob: 'report-sample'; font-src 'self' data: fonts.gstatic.com; connect-src 'self' *.friendlycaptcha.eu https://*.usercentrics.eu rgwtfl
strict-transport-security
max-age=63072000; preload

Links to (5)

Linked from (1)