tfmetalsreport.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 1633 ms crawled 2026-05-18

US · 104.26.7.33 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: TF Metals Report | Gold, silver, currency and commodities coverage.
Language: en
Canonical: https://www.tfmetalsreport.com/

Open Graph

url: https://www.tfmetalsreport.com/
title: TF Metals Report
site name: TF Metals Report
description: Gold, silver, currency and commodities coverage.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (7)

cdnjs.cloudflare.com×6
fonts.googleapis.com×1
js.stripe.com×1
kit.fontawesome.com×1
s3.tradingview.com×1
www.googletagmanager.com×1
www.w3.org×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2010-12-03

Expires

2026-12-03 197 days left

Updated

2025-12-04

Name servers

amy.ns.cloudflare.com
ivan.ns.cloudflare.com

DNS records live

NS

amy.ns.cloudflare.com
ivan.ns.cloudflare.com

MX

10 inbound-smtp.us-east-1.amazonaws.com

TXT

have-i-been-pwned-verification=dweb_5oglkeq833xdmuum26iqvmop
google-site-verification=rRl6p8DElBDMjmCyI7u3mj2uCxPpjeIWz4KiSo4sIuc

Email authentication strong

SPF

v=spf1 include:spf.amazee.io include:amazonses.com include:servers.mcsv.net ~all

softfail (~all)

DMARC

v=DMARC1;p=quarantine;pct=100;fo=1

policy: quarantine

DKIM

k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

WE1

from 2026-04-19 to 2026-07-18

Expires in 60 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.tfmetalsreport.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' static.tfmetalsreport.com; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob:; style-src 'self' static.tfmetalsreport.com data: 'unsafe-inline' *.googleapis.com *.twitter.com *.twimg.com *.x.com svc.webspellchecker.net cdn.ckeditor.com static.ctctcdn.com cdnjs.cloudflare.com cdn.plyr.io; img-src 'self' https: data: android-webview-video-poster: *.jwplayer.com http://docs.jwplayer.com; media-src 'self' static.tfmetalsreport.com blob: *.giphy.com; frame-src 'self' https://www.tfmetalsreport.com data: audioboom.com *.audioboom.com scribd.com *.scribd.com soundcloud.com *.soundcloud.com youtube.com *.youtube.com youtube-nocookie.com *.youtube-nocookie.com vimeo.com *.vimeo.com bitchute.com *.bitchute.com twitter.com *.twitter.com x.com *.x.com *.tradingview.com *.tradingview-widget.com *.stripe.com *.doubleclick.net *.googlesyndication.com *.ted.com *.instagram.com *.jwpsrv.com www.google.com ms-appx-web: *.addtoany.com *.assoc-amazon.com *.amazon.com *.a
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (8)

Linked from (2)

zerohedge.com×4
kereport.com×1