toffifee.cz
toffifee.cz
HTML metadata
Technology
Third-party hosts loaded (2)
- static.storck.com×11
- logfiles.storck.com×1
DNS records live
- NS
-
- ns.europe.adacor.net
- ns5.adacor.net
- Verified for
-
- Meta
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 32 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
base-uri 'self'; default-src 'self' data: *.storck.com; script-src 'self' 'nonce-u5uVPfjGrfw84Zvh-RizAzpzDgJ_EGpr5cfd2KIlaBTbVhfWl-kEtg' blob: data: *.storck.com storck.piwik.pro; img-src 'self' blob: data: *.storck.com storck.piwik.pro; style-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.storck.com; connect-src 'self' data: *.storck.com storck.piwik.pro; font-src 'self' data:; frame-src 'self' data: www.storck-aktionen.de www.bittesehr.net www.gewinnspiel.toffifee.com int.fe.eure-toffifee.campaign-loyalty.com prod.fe.eure-toffifee.campaign-loyalty.com; frame-ancestors 'self'; form-action 'self';- strict-transport-security
max-age=31536000; includeSubDomains; preload