dealerauction.co.uk

HTML metadata

Title

Dealer Auction | trade to trade auction site for used vehicles

Description

Buy and sell your used vehicles on Dealer Auction, the trade to trade auction site. Over 4,000 sellers, 5,000 buyers and 600 daily auctions.

Language

en-US

Generator

Powered by WPBakery Page Builder - drag and drop page builder for WordPress.

Canonical

https://www.dealerauction.co.uk/

Feeds

Dealer Auction » Feed RSS
Dealer Auction » Comments Feed RSS

Open Graph

url: https://www.dealerauction.co.uk/
title: Homepage
locale: en_US
site name: Dealer Auction
description: Buy and sell your used vehicles on Dealer Auction, the trade to trade auction site. Over 4,000 sellers, 5,000 buyers and 600 daily auctions.

Technology

CDN: Cloudflare
CMS: WordPress

Fonts

Google Fonts

Social widgets

Vimeo Embed

Third-party hosts loaded (5)

fonts.googleapis.com×3
dc.ads.linkedin.com×1
player.vimeo.com×1
www.facebook.com×1
www.google.com×1

Social

Registration

Registrar

CSC Corporate Domains, Inc

Created

2008-08-26

Expires

2026-08-26 98 days left

Updated

2025-09-17

Name servers

kristin.ns.cloudflare.com.
nitin.ns.cloudflare.com.

DNS records live

NS

kristin.ns.cloudflare.com
nitin.ns.cloudflare.com

MX

5 mxa-0028a403.gslb.pphosted.com
5 mxb-0028a403.gslb.pphosted.com

TXT

linkedin-site-verification=e9676f00-11cc-457b-8a26-54ca5469e767

Verified for

Anthropic
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.autotrader.co.uk include:servers.mcsv.net include:spf.mandrillapp.com include:sendgrid.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com

policy: reject (enforced)

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I+Ma3f4i804mURuOwgSGguNvpvh5ITN+rsFb347Yv4kguM0jGLRwjgFQjUlPTQF54FofYOepPTaGz…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
s1: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC00CyCExL5qlIWQ+migSrPV/UPL73smbkmP+JOMZYI46Lg6VYhCixLfuejV3xUh58rT6NML0ofsB6RTi3M78epjM…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDn1xN68IfjQ719pKIRWomMVkzwQIyCGjO81W7LiRodxOT/D3VKZxZ0GZoGNVTNMqyNG9N+Cpq2hPZL6fxvK223Cy…

selectors probed

Certificate (current)

WE1

from 2026-03-21 to 2026-06-19

Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.dealerauction.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: style-src 'self' fonts.googleapis.com https: blob: 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com static.hotjar.com https:; object-src https:; worker-src 'self' blob:; media-src 'self' https: blob:; frame-ancestors 'none'; img-src 'self' blob: https: data: *; default-src 'self' https: wss:; font-src 'self' https: data:; report-uri https://app.csp-report-receiver.prod.k8.atcloud.io/api/csp/report-uri; report-to autotrader-csp;
strict-transport-security: max-age=31536000

Links to (4)

Linked from (1)

nextgearcapital.co.uk×1