indexo.dev

panini.ch

.ch crawl

First seen 2026-05-30 · Last seen 2026-05-31 · ok HTTP/1.1 200 902 ms crawled 2026-05-31

US · 151.101.129.124 · AS54113 Fastly, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Panini Sticker, Trading Cards und Merchandise | Jetzt online kaufen
Description
Der offizielle Panini Onlineshop. Sticker, Karten und Merchandise - Entdecke jetzt unsere Kollektionen und bestelle online!
Language
de

Technology

CMS
Gatsby
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot

Third-party hosts loaded (3)

  • consent.cookiebot.com×1
  • legals.panini.it×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • dns1.netjust.com
  • dns2.netjust.com
  • usa.dns3.netjust.com
MX
  • 5 mailservice1.sedoc.it
  • 5 mailservice2.sedoc.it
TXT
  • RmdUEAadsU/LwXyrzCphQSqf7bSXhX5e3Ni8qnZczGctb5re734ZMwzaTO4zD77lIZE+8ukDgOtM6gHBr3kzAg==
  • hibp-verify=dweb_fwkcx8shle3shpmujxlkrck6
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 mx ip4:37.186.236.152 ip4:46.29.201.255 ip4:37.186.236.158 ip4:78.159.196.24 ip4:78.159.196.30 ip4:37.186.236.137 ip4:78.159.196.9 ip4:54.229.2.165 ip4:52.30.130.201 include:spf.sedoc.it include:spf.protection.outlook.com include:spf.byway.it -all
strict (-all)
DMARC
v=DMARC1; p=none; sp=none; rua=mailto:re+0b4b36924cc8@inbound.dmarcdigests.com; pct=100
policy: none (monitoring only) · sp=none
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBMJyX/Ia/ANZTefw/G4LZL56kTbB0kS1bc3/+VX+zi5Buz1TQMoQ/+jSwC9h94hNlZ2lSMx69B6/Yi6Etyq…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8W6HHF/arHBF5S3hYT4EQkCz6x++qftsH+fHHHnCvg5tSjLlbyQv6SbRnAEq/HE3XjZE50ceGfMgX/iCZXm…
selectors probed

Certificate (current)

R12
from 2026-05-16 to 2026-08-14
Expires in 75 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.panini.ch/shp_che_de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cash-f.squarecdn.com *.fontawesome.com https://cdnjs.cloudflare.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.paninistore.com *.cardinalcommerce.com *.facebook.com 3dsecure.nexi.it *.panini.it *.paninibelgium.com *.panini.co.il *.panini.es *.panini.co.uk *.panini.fr *.panini.ch *.panininederland.com *.paninihungary.com *.panini.pl *.paniniportugal.com *.panini.ro *.panini.com.gr *.panini.de *.paninisuomi.com *.paninisverige.com *.paninidanmark.com *.panininorge.com *.paniniamerica.net *.paninihobby.com *.store-cdc-us-collectibles.collectibles.paniniamerica.net *.nexigroup.com *.redsys.es *.sia.eu:* *.vinea.es *.ing.ro *.land
strict-transport-security
max-age=31536000

Links to (6)

Linked from (1)