indexo.dev

towni.se

.se crawl

First seen 2026-05-28 · Last seen 2026-05-31 · ok HTTP/1.1 200 444 ms crawled 2026-05-30

US · 216.239.32.21 · AS15169 Google LLC

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Towni
Description
Upplev och handla lokalt! Från mat till upplevelser! Biljetter, aktiviteter, boenden och guider till närodlat och mycket mer. Det ska vara enkelt att beställa lokalt!
Language
sv

Open Graph

url
https://towni.se
title
Towni ♥ Lokalt
site name
Towni ♥ Lokalt
description
Upplev och handla lokalt! Från mat till upplevelser! Biljetter, aktiviteter, boenden och guider till närodlat och mycket mer. Det ska vara enkelt att beställa lokalt!

Technology

Server
Google

Third-party hosts loaded (1)

  • js.stripe.com×1

DNS records live

NS
  • ns1.dnsimple-edge.com
  • ns2.dnsimple-edge.net
  • ns3.dnsimple-edge.io
  • ns4.dnsimple-edge.org
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Google
  • Stripe

Email authentication weak

SPF
not published
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:re+tmeacved3xb@dmarc.postmarkapp.com; sp=none; aspf=r;
policy: none (monitoring only) · sp=none
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg596XF2zBXMUdIbWgG9794+SleT1o6zhu9p0f3k+S7mu1uBXgqV46GjIt4QXC/3YWo8+7sfJtHpTgN…
selectors probed

Certificate (current)

WR3
from 2026-04-24 to 2026-07-23
Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://towni.se/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.towni.se *.imgix.net;script-src * data: blob: 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://maps.googleapis.com https://sentry.io;img-src 'self' blob: data: *.imgix.net *.towni.se lorempixel.com maps.gstatic.com *.googleapis.com towni.se towni-7etz6k2yja-ew.a.run.app;font-src 'self' *.towni.se fonts.gstatic.com;style-src 'self' *.towni.se 'unsafe-inline';connect-src 'self' *.towni.se *.sentry.io firestore.googleapis.com/ storage.googleapis.com/towni-brand/ https://api.stripe.com https://maps.googleapis.com https://storage.googleapis.com:* wss://towni.se:* wss://towni-7etz6k2yja-ew.a.run.app:* ws://towni.se:* ws://towni-7etz6k2yja-ew.a.run.app:* *.imgix.net;frame-src 'self' *.towni.se https://js.stripe.com https://hooks.stripe.com;child-src blob:;object-src 'none';base-uri 'self';form-action 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Linked from (3)