carxpert.ch
carxpert.ch
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- Cookie consent
-
- Usercentrics
Third-party hosts loaded (2)
- elfsightcdn.com×2
- app.usercentrics.eu×1
Social
Contact
- Address
- Rue de l'Ancien Comté 33, CH-1635, La Tour de Trême, CH
DNS records live
- NS
-
- apollo.ns.cloudflare.com
- pat.ns.cloudflare.com
- MX
-
- 1 mx0.webpack.hosteurope.de
- Verified for
-
Email authentication weak
- SPF
- not published
- DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TklLvgUcFdSVm54WT07PuWeRmYyVDCSoCg627xfkvywLA2fzahXfZo6Tq5b8PrNF6HKr6tOUwwc2w91Bf… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwatSrr9guOadL2Nu2r5YeqaMxkvGya7VlLb3bHildDR7QYwe2zBDIOeCcDVTUSZrScfZYS12Pcv6/GVXeX…
selectors probed - s1:
Certificate (current)
WE1
Expires in 85 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://analytics.techniconcept.ch https://app.usercentrics.eu https://elfsightcdn.com https://*.elfsightcdn.com https://*.elfsight.com https://*.googleapis.com https://*.gstatic.com https://*.autolina.ch https://*.autoscout24.ch https://cdnjs.cloudflare.com https://unpkg.com ;style-src 'self' 'unsafe-inline' https:;img-src 'self' data: https:;font-src 'self' data: https:;connect-src 'self' https://*.autoscout24.ch https://*.autolina.ch https:;frame-src https://*.autoscout24.ch https://*.autolina.ch https:;- strict-transport-security
max-age=15552000; includeSubDomains; preload