dacia.at
dacia.at
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- nginx
- Analytics
-
- Google Analytics
- Google Tag Manager
Third-party hosts loaded (3)
- cdn.group.renault.com×63
- www.google-analytics.com×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- anna.renault.fr
- xenia.renault.fr
- MX
-
- 1 media.dacia.at
- Verified for
-
- Meta
Email authentication strong
- SPF
-
v=spf1 mx ip4:83.211.151.248 ip4:83.211.43.82 ip4:83.211.43.94 ip4:83.211.221.129 ip4:83.211.221.142 ip4:147.253.217.43 ip4:147.253.217.47 ip4:147.253.217.19 -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; pct=100; sp=reject; rua=mailto:8861c14b@inbox.eu.redsift.cloud,mailto:mb2glhd4@ag.dmarcian.eu; ruf=mailto:8861c14b@inbox.eu.redsift.cloud; adkim=r; aspf=r; fo=1; rf=afrf; ri=3600policy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M04
Expires in 248 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:;base-uri 'self';frame-ancestors 'self' ;img-src data: https: blob:;font-src data: https:;media-src https: blob:;connect-src https: wss: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:;style-src data: 'unsafe-inline' https:;child-src https: data: blob:;form-action https:;object-src 'none';- strict-transport-security
max-age=2592000