cartecadeaumach.com
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- Server
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Cookiebot
- Fonts
-
- Google Fonts
Third-party hosts loaded (6)
- web-assets.groupemach.com×15
- fonts.googleapis.com×2
- fonts.gstatic.com×2
- www.googletagmanager.com×2
- consent.cookiebot.com×1
- consentcdn.cookiebot.com×1
Registration
- Registrar
- NameCheap, Inc.
- Created
- 2022-02-01
- Expires
- 2027-02-01 257 days left
- Updated
- 2026-01-02
- Name servers
-
- dns1.registrar-servers.com
- dns2.registrar-servers.com
DNS records live
- NS
-
- dns1.registrar-servers.com
- dns2.registrar-servers.com
- MX
-
- 10 eforward1.registrar-servers.com
- 10 eforward2.registrar-servers.com
- 10 eforward3.registrar-servers.com
- 15 eforward4.registrar-servers.com
- 20 eforward5.registrar-servers.com
Email authentication weak
- SPF
-
v=spf1 include:spf.efwd.registrar-servers.com ip4: 54.92.233.51 ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M04
Expires in 67 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' * data: 'unsafe-inline' blob: 'unsafe-eval'; script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' * 'unsafe-inline'; img-src 'self' * data: blob:; font-src 'self' * data:; connect-src 'self' *;- strict-transport-security
max-age=31536000; includeSubDomains; preload