heine.de
HTML metadata
Technology
- Server
- nginx
- CMS
- Next.js
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (8)
- images.ctfassets.net×58
- c.searchhub.io×1
- witt-live.checkout.api.scayle.cloud×1
- witt.my.onetrust.eu×1
- www.googletagmanager.com×1
- www.heine-shop.nl×1
- www.heine.at×1
- www.heine.ch×1
Social
Contact
- Phone
Registration
- Updated
- 2021-04-14
- Name servers
-
- ns1-193.akam.net.
- ns2-65.akam.net.
- ns4-67.akam.net.
- ns7-66.akam.net.
DNS records live
- NS
-
- ns1-193.akam.net
- ns2-65.akam.net
- ns4-67.akam.net
- ns7-66.akam.net
- MX
-
- 5 heine-de.mail.protection.outlook.com
- TXT
-
Show 7 TXT records
atlassian-domain-verification=XuvfFNPt8O1LGWHgmu6drxqQRbfQGX4Dr2Ot8f9rgaA2FemHHZpmo2KZHiug8I9Ggoogle-site-verification=cZvQC0F9xWC8ah5A6_5pxz8I57FrWNo7cWuRT-xSI7Amiro-verification=c6674e98bd01ed3517fd80418595c7c1f3959f519QJizn6VNWh9gJp968Y+5Vy4Rv3kHHPr6uZ8ISS/LPJ7zK8JCn9QQa6wBMJKTG2ci5FD2q/952YYltltbhoeIQ==figma-domain-verification=08b41eb0b1f89876edc724b07535f781bb87d7edfcaa4f707fb8ba179890ee95-1718201926facebook-domain-verification=bbh4bfgmc059t6k3ykwm1h2065akbzadobe-idp-site-verification=c761a757-b700-41dc-ac3c-e6445c873c4c
Email authentication strong
- SPF
-
v=spf1 ip4:83.135.59.47 ip4:83.135.59.35 ip4:83.135.59.36 ip4:83.135.59.29 ip4:83.135.59.30 ip4:34.91.146.243 include:spf-ip.heine.de include:spf.protection.outlook.com include:spf-baur.heine.de include:spf-shop.heine.de include:spf.hornetsecurity.com -allstrict (-all) - DMARC
-
v=DMARC1;p=reject;pct=100;rua=mailto:rua-import-18795@sendforensics.compolicy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozL8z42p2cZ6nGyn7EK32YmSs8ZzfaIP3KDj8/ec+AzQxwCmRvCUS8D6hhkI+1XajFnTTU01uqRh2q… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrmqaL5ylJCXf135JHLgf/g9YYFv0bajUINwt6j3JfAlhD5fzF986OXqJ/ZprwuYT1ZZoqnjrkG7Or…
selectors probed - selector1:
Certificate (current)
Amazon RSA 2048 M01
Expires in 160 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
camera=(), microphone=(), geolocation=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' cdn.wcc.heine.de https://cdn.wcc.heine.de/graphql; base-uri 'self'; font-src 'self' cdn.wcc.heine.de https://fonts.gstatic.com data: https://d3dc1lgancj6l0.cloudfront.net https://dq4irj27fs462.cloudfront.net https://*.userwerk.com https://script.hotjar.com; img-src * data: https://*.userwerk.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com; connect-src 'self' https://cdn.wcc.heine.de/graphql cdn.wcc.heine.de cdn.witt.info/ https://images.ctfassets.net te.heine.de tp.heine.de wasp.heine.de wst.heine.de https://*.analytics.google.com https://*.facebook.com https://*.contentsquare.net https://*.my.onetrust.eu https://*.google-analytics.com https://bat.bing.com eu-witt-gruppe-prod1.mini.snplow.net https://www.google-analytics.com https://www.jsctool.com https://adservice.google.com/pagead/ https://graphql.contentful.com https://privacyportal-eu.onetrust.com https://stats.g.doubleclick.net https://geolocation.onetrust.co- strict-transport-security
max-age=31536000; includeSubDomains; preload