shoestation.com
shoestation.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
- Fonts
-
- Adobe Fonts
Third-party hosts loaded (7)
- cdn.media.amplience.net×16
- scvl.a.bigcontent.io×11
- use.typekit.net×3
- cdn.cookielaw.org×1
- try.abtasty.com×1
- www.google.com×1
- www.googletagmanager.com×1
Registration
- Registrar
- Register.com - Network Solutions, LLC
- Created
- 2001-12-12
- Expires
- 2035-12-12 3492 days left
- Updated
- 2025-12-13
- Name servers
-
- ben.ns.cloudflare.com
- dana.ns.cloudflare.com
DNS records live
- NS
-
- ben.ns.cloudflare.com
- dana.ns.cloudflare.com
- MX
-
- 0 scvl-com.mail.protection.outlook.com
- Verified for
-
- DocuSign
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 ip4:12.130.199.16/28 ip4:32.132.138.58 ip4:32.142.76.190 include:spf.protection.outlook.com include:docebosaas.com ~allsoftfail (~all) - DMARC
-
v=DMARC1;p=quarantine;rua=mailto:trmoderation@scvl.compolicy: quarantine - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkIZXw7u/gzJPR8Iax/mUqJzn2jTfmIo5yhvaOH7qqbASakIaWwecwFSbOTlKLPU6NCzGqH3fhn31a…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 77 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-resource-policy
- findings
-
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src *.ipredictive.com *.amazon-adsystem.com *.cdn.content.amplience.net cdn.media.amplience.net cdn.static.amplience.net *.staging.bigcontent.io *.attn.tv 'self' 'unsafe-eval' https://service.force.com/ https://capig.shoestation.com *.bazaarvoice.com uk.cdn-net.com six.cdn-net.com mpsnare.iesnare.com https://secure.cataboom.com/ *.my.site.com shoecarnivalsf360.my.salesforce.com *.facebook.com *.facebook.net ad.doubleclick.net td.doubleclick.net 9132531.fls.doubleclick.net *.googleapis.com *.googletagmanager.com *.doubleclick.net *.google.com *.youtube.com https://na-assets.playground.klarnaservices.com js.klarna.com js.playground.klarna.com x.klarnacdn.net *.klarnaservices.com *.klarna.com *.clarity.ms *.abtasty.com *.paypal.com *.paypalobjects.com https://account.venmo.com *.pbbl.co *.pinterest.com api.radar.io https://us.creativecdn.com/ *.sentry.io services.sheerid.com https://cdn.sitevibes.com tcapi.io *.wisepops.com https://wisepops.net *.zmags.com *.afterpay.com *.usablen- strict-transport-security
max-age=15552000; includeSubDomains- cross-origin-resource-policy
same-origin- content-security-policy-report-only
default-src 'self' *.klarna.com *.klarnaservices.com *.paypal.com *.paypalobjects.com *.afterpay.com *.cash.app *.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.facebook.com *.facebook.net *.doubleclick.net *.amazon-adsystem.com *.bazaarvoice.com *.amplience.net cdn.cookielaw.org *.fullstory.com *.abtasty.com *.evergage.com *.sentry.io *.tiktok.com *.bing.com *.creativecdn.com *.mountain.com *.wisepops.com *.forter.com *.sitevibes.com *.thrive.today *.pbbl.co *.attn.tv *.ipredictive.com *.algolia.net *.algolianet.com *.onetrust.com *.pinterest.com *.adroll.com *.jsdelivr.net *.cloudfront.net *.typekit.net; script-src 'self' js.klarna.com x.klarnacdn.net *.paypal.com *.afterpay.com *.cash.app *.squarecdn.com *.google.com *.googletagmanager.com *.facebook.net 'unsafe-inline' cdn.cookielaw.org *.fullstory.com *.abtasty.com *.evergage.com *.googleapis.com storage.googleapis.com *.mountain.com loader.wisepops.com *.thrive.today *.pbbl.co *.attn.tv *.ipredictive.com *.jsd