altour.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- Analytics
-
- Cloudflare Insights
- Google Tag Manager
- Microsoft Clarity
- Ads
-
- Google Ads (DoubleClick)
- Meta Pixel
- Social widgets
-
- Vimeo Embed
Third-party hosts loaded (26)
- stprdwpimgbucketeus001.blob.core.windows.net×6
- www.googletagmanager.com×3
- js.hs-scripts.com×2
- px.ads.linkedin.com×2
- apps.avinode.com×1
- connect.facebook.net×1
- fonts.axept.io×1
- gmpg.org×1
- googleads.g.doubleclick.net×1
- js.hs-analytics.net×1
- js.hs-banner.com×1
- js.hsadspixel.net×1
- js.hscollectedforms.net×1
- js.hubspot.com×1
- js.zi-scripts.com×1
- ka-p.fontawesome.com×1
- kit.fontawesome.com×1
- player.vimeo.com×1
- scripts.clarity.ms×1
- snap.licdn.com×1
- static.axept.io×1
- static.cloudflareinsights.com×1
- unpkg.com×1
- www.clarity.ms×1
- www.google.com×1
- www.gstatic.com×1
Social
Registration
- Registrar
- MarkMonitor Inc.
- Created
- 1996-10-04
- Expires
- 2026-10-03 137 days left
- Updated
- 2025-08-05
- Name servers
-
- brit.ns.cloudflare.com
- rene.ns.cloudflare.com
DNS records live
- NS
-
- brit.ns.cloudflare.com
- rene.ns.cloudflare.com
- MX
-
- 5 us-smtp-inbound-1.mimecast.com
- 5 us-smtp-inbound-2.mimecast.com
- TXT
-
Show 8 TXT records
71eidktb9hq63pigg2t65g4ff19Du1zhtwo53pcEMisPESckKYYP4Py+EnYQ0i/Q8wNRK03azIUsVgTTwPqt9pqycgI1jRBERVPsPDbHOTA/u9BA==anthropic-domain-verification-fvkhyy=o1RNaUNCQrlgdUXXpaMRzgSbPatlassian-domain-verification=bQD6OhkZJxU4VRUYfJhbajXLF88jBw7m9EYu0Kd84Eajw6dkrRIPkXcYhPJyK7szbw=9mKEoLNUj1OSYH0ltNCnsDdjRaH3OyizpjIfxX13irV7ca3-fe5d4d6ca03f4f21afbf53df0388423av23tlsbef478035bog8mg1m9oo3mkh1sld4djb1u5f3g47idlvae
Email authentication strong
- SPF
-
v=spf1 redirect=3rbk5ts2._spf._d.mim.ecno all qualifier - DMARC
-
v=DMARC1; p=reject; rua=mailto:0510be4f2618042@rep.dmarcanalyzer.com; ruf=mailto:0510be4f2618042@for.dmarcanalyzer.com; fo=1;policy: reject (enforced) - DKIM
-
- k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo… - s1:
v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64KTtJ+DkIyXHtBF8q5TTYmoIlDshliuLzP8DHwV/y+BvKrotAHckJchActlveorwgEKoUuAt2CKUnaZ… - s2:
v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dmyxDd6YOWStMUh7WYVg9i1M88gsu7G6IMlFSY3aRxdzXB2swwbNyC6cfcGXBkKo6XnLpG9GbYQih+k…
selectors probed - k1:
Certificate (current)
WE1
Expires in 30 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
same-origin- x-frame-options
DENY- permissions-policy
geolocation=(self), microphone=(self), camera=(self), fullscreen=(self), payment=(self)- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self'; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval';- strict-transport-security
max-age=63072000; includeSubDomains