indexo.dev

car.com

.com crawl

First seen 2026-04-19 · Last seen 2026-05-13 · ok HTTP/1.1 200 4042 ms crawled 2026-05-13

US · 13.107.226.67 · AS8075 Microsoft Corporation

Reputation 87/100 weak security headers no dmarc policy

sector automotive type homepage

HTML metadata

Title
Car.com - We Do the Research, You Do the Driving
Description
Car.com is for people who need help finding the perfect vehicle. Choosing from thousands of cars is really confusing, we have the tools to help you make a decision quickly and easily.
Language
en
Canonical
https://www.car.com

Technology

CDN
Azure Front Door
CMS
Next.js
Ads
  • Google Ads (DoubleClick)
Cookie consent
  • OneTrust
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • fonts.googleapis.com×4
  • img.autobytel.com×4
  • cdn.cookielaw.org×2
  • nexus.ensighten.com×2
  • securepubads.g.doubleclick.net×2
  • fonts.gstatic.com×1

Contact

Address
st MPG TrucksEconomy Cars Near MeChevy Cars Near Me©2026

Registration

Registrar
GoDaddy.com, LLC
Created
1994-07-06
Expires
2026-07-05 45 days left
Updated
2025-07-01
Name servers
  • ns1-09.azure-dns.com
  • ns2-09.azure-dns.net
  • ns3-09.azure-dns.org
  • ns4-09.azure-dns.info

DNS records live

NS
  • ns1-09.azure-dns.com
  • ns2-09.azure-dns.net
  • ns3-09.azure-dns.org
  • ns4-09.azure-dns.info
MX
  • 0 car-com.mail.protection.outlook.com
TXT
Show 19 TXT records
  • 4pxfk6yw15tdwnm60s3wbl83z5njx7l7
  • activeprospect-domain-verification=sZNvr0Xgg0m9ZRHsEeY+RA==
  • klaviyo-site-verification=YqNJ4T
  • activeprospect-domain-verification=UsUkOqx5ucKuWfNybxBRNQ==
  • activeprospect-domain-verification=Sfcrbxcp9ImD2GGByIdmKw==
  • tkfykjz4f6l28w7z6vf4tgzmtjr9nr9g
  • activeprospect-domain-verification=oJtdeEts2WJ+XPQI1NucUg==
  • sck3pzlc47rk1cw45ckjtqt7yskl76wv
  • activeprospect-domain-verification=lEXy4IjSO6Y1TzfBveP4iw==
  • activeprospect-domain-verification=PL4scRKENu8SI6M5tohGJw==
  • activeprospect-domain-verification=RUgkkQZBK/2iyS5D5pb6LQ==
  • _vtwmmcvqf66d62rzhroyj5uu5pybpou
  • activeprospect-domain-verification=/apklsefntJspXvBf9DEfg==
  • activeprospect-domain-verification=pKUfqSBm4DpiMmbgNRIwgQ==
  • activeprospect-domain-verification=U1+Djq9GGfHnclA3KX6NGw==
  • spf2.0/mfrom include:_spf.car.com -all
  • activeprospect-domain-verification=85zTQW3u6Aa4knxJunFkrQ==
  • activeprospect-domain-verification=mg9GgGPpphQf046xKLPYng==
  • 34ttwbtqtc2w55mjvk08xrv67nh1g79c
Verified for
  • Google
  • Meta
  • Microsoft 365
  • Yahoo

Email authentication weak

SPF
v=spf1 ip4:74.112.67.230 ip4:74.112.71.96 ip4:74.121.48.217 ip4:74.121.53.37 -all
strict (-all)
DMARC
not published
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqozW8ME7EjmEnu+dLrqboq67Pl3pRwOO8Ej0Oy5tjAAOhcX5Lk09z/vNUtHXC3bsJz486/bLLw5B7f…
selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1
from 2026-03-11 to 2026-09-12
Expires in 114 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.car.com/

findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy

Links to (2)

Linked from (1)