indexo.dev

bazarchic.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-14 · ok HTTP/1.1 200 1672 ms crawled 2026-05-14

FR · 5.144.141.50 · AS8304 Ecritel SASU

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Ventes Privées de Grandes Marques jusqu'à -70% | BAZARCHIC
Description
Profitez de Ventes Privées de Grandes Marques jusqu’à -70%. 14 nouvelles ventes/jour : Mode, Maison, Vins et Épicerie.
Language
fr
Canonical
https://fr.bazarchic.com/
Translations
  • de
  • es
  • fr
  • it
  • nl

Open Graph

url
https://fr.bazarchic.com/
title
Ventes Privées de Grandes Marques jusqu'à -70% | BAZARCHIC
description
Profitez de Ventes Privées de Grandes Marques jusqu’à -70%. 14 nouvelles ventes/jour : Mode, Maison, Vins et Épicerie.

Technology

Server
nginx
CMS
Next.js

Social

Registration

Registrar
Gandi SAS
Created
2005-11-16
Expires
2026-11-16 179 days left
Updated
2025-12-05
Name servers
  • ns-102-b.gandi.net
  • ns-147-a.gandi.net
  • ns-168-c.gandi.net

DNS records live

NS
  • ns-102-b.gandi.net
  • ns-147-a.gandi.net
  • ns-168-c.gandi.net
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • MS=0DD26C17FB188348AA45C2CE437B8ACAB052F194
Verified for
  • Atlassian
  • GlobalSign
  • Google
  • Meta

Email authentication weak

SPF
v=spf1 include:spf.mailjet.com a mx ip4:217.108.43.194 ip4:217.108.43.193 ip4:46.218.1.10 ip4:46.218.1.11 include:_spf.google.com include:mail.zendesk.com
no all qualifier
DMARC
not published
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdkHQo/C+FCCAxcFUk/yjOFcTto8U0hx3yiZg6lyvazEyv9CLJrCMabxPIJqCIXlgvcwQlBnNYr3WK8RD8XE…
selectors probed

Certificate (current)

GlobalSign GCC R3 DV TLS CA 2020
from 2025-05-26 to 2026-06-27
Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://fr.bazarchic.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https data: blob: *.wepowerconnections.com *.payline.com *.adyen.com *.googletagmanager.com *.abtasty.com *.google-analytics.com *.facebook.net *.googleapis.com *.jsdelivr.net *.googleadservices.com *.dwin1.com *.awin1.com *.bazarchic.com *.newrelic.com *.cdn.payline.com *.doubleclick.net *.roeyecdn.com *.contentsquare.net *.batch.com *.google.com *.nr-data.net *.pp.bazarchic.com *.gstatic.com *.bootstrapcdn.com *.zenaps.com *.sciencebehindecommerce.com *.paypal.com *.cdnwidget.com *.oney.com *.cloudflare.com *.pinimg.com *.pinterest.com *.pinterest.fr *.wlscripts.org *.wlscripts.fr *.cloudfront.net *.googlesyndication.com *.contentsquare.com *.getalma.eu *.almapay.com *.algolia.io *.cdn-apple.com *.paypalobjects.com *.fr.bazarchic.com *.affilae.com *.trackad.ai *.creativecdn.com ; frame-src *; img-src 'self' https: data: blob: *.bazarchic.com *.nr-data.net *.zenaps.com *.awin1.com *.trackad.ai *.creativecdn.com
strict-transport-security
max-age=31536000; includeSubDomains

Links to (3)

Linked from (1)