carandclassic.com

HTML metadata

Title

Car & Classic | Classic Cars for Sale

Description

Find your dream classic car from over 30,000 private adverts plus many more trade adverts on Europe's No 1 classic cars site. 100% FREE advertising!

Language

en

Canonical

https://www.carandclassic.com/

Translations

en ×2
de
es
fr
it
nl
pt
sv

Open Graph

url: https://www.carandclassic.com/
title: Car & Classic | Classic Cars for Sale
locale: en_GB
image:url: https://www.carandclassic.com/images/logo_car_and_classic_opengraph.png
site name: Car & Classic
description: Find your dream classic car from over 30,000 private adverts plus many more trade adverts on Europe's No 1 classic cars site. 100% FREE a...

Technology

CDN: Cloudflare

Analytics

Cloudflare Insights
Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (3)

www.googletagmanager.com×2
cdn-ukwest.onetrust.com×1
static.cloudflareinsights.com×1

Social

Contact

Phone

055998844

Registration

Registrar

Tucows Domains Inc.

Created

2005-10-15

Expires

2031-10-15 1973 days left

Updated

2022-09-05

Name servers

alexis.ns.cloudflare.com
marjory.ns.cloudflare.com

DNS records live

NS

alexis.ns.cloudflare.com
marjory.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Verified for

1Password
Google
Meta
Pinterest
Zoom

Email authentication strong

SPF

v=spf1 include:sendgrid.net ip4:149.72.208.60 include:_spf.google.com include:mailgun.org include:1452875.spf05.hubspotemail.net ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:re+aswcedpxn6t@dmarc.postmarkapp.com; sp=reject; aspf=r;

policy: reject (enforced) · sp=reject

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYeKF0L1SzQcXrtJpC069iDPMEv7MeNNqZyiNTDJrXIyJQlaKvCsFZCluch7W7fsAScZiXBAWxjCIe…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwghKFoliA+rnLhADQfNt61Hco/GFW/J0wSlYRiOq3NtUem2CHD8TqCrBaxnZKRx8xnNwBZCs1jQnPYX844…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnzBACcsw8lrHCyqrL7TP0pRmN6W8uBadPQhY2AYTnkGDE1KzLMWPpcpjf/t6aIz+uH4t684FFoRuHOr1EbO3EsG…

selectors probed

Certificate (current)

WE1

from 2026-03-24 to 2026-06-22

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.carandclassic.com/

present

strict-transport-security
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

short HSTS max-age
missing Content Security Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(self "https://iframe.mediadelivery.net"), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self "https://iframe.mediadelivery.net"), fullscreen=(self "https://iframe.mediadelivery.net"), geolocation=(self), gyroscope=(self "https://iframe.mediadelivery.net"), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(self "https://js.stripe.com"), publickey-credentials-get=(self "https://js.stripe.com"), picture-in-picture=(self "https://iframe.mediadelivery.net"), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-site