indexo.dev

filliboya.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-12 · ok HTTP/1.1 200 1465 ms crawled 2026-05-08

US · 104.26.10.200 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

sector tech type homepage

HTML metadata

Title
Ana Sayfa
Description
Global teknoloji ve partnerlik ile Filli Boya Markası altında pazara yenilik getiren dekoratif silikonlu dış cephe boyaları incelemek ve almak için tıklayın.
Language
tr
Canonical
https://www.filliboya.com/

Open Graph

url
https://www.filliboya.com/
title
Ana Sayfa
site name
www.filliboya.com
description
Global teknoloji ve partnerlik ile Filli Boya Markası altında pazara yenilik getiren dekoratif silikonlu dış cephe boyaları incelemek ve almak için tıklayın.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (12)
  • res.cloudinary.com×36
  • cdn.jsdelivr.net×5
  • cdnjs.cloudflare.com×2
  • fonts.googleapis.com×2
  • www.googletagmanager.com×2
  • bundles.efilli.com×1
  • chatbot-betek.serdoo.com×1
  • code.jquery.com×1
  • fonts.gstatic.com×1
  • pro.fontawesome.com×1
  • unpkg.com×1
  • www.facebook.com×1

Social

Contact

Address
Zümrütevler Mahallesi Ural Sokak No: 38, 34852, Maltepe, İstanbul, TR

Registration

Registrar
Tucows Domains Inc.
Created
2002-01-15
Expires
2027-01-15 239 days left
Updated
2025-06-30
Name servers
  • carla.ns.cloudflare.com
  • earl.ns.cloudflare.com

DNS records live

NS
  • carla.ns.cloudflare.com
  • earl.ns.cloudflare.com
MX
  • 18 route1.mx.cloudflare.net
  • 31 route3.mx.cloudflare.net
  • 71 route2.mx.cloudflare.net
Verified for
  • Google

Email authentication weak

SPF
v=spf1 include:_spf.mx.cloudflare.net ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-03-28 to 2026-06-26
Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.filliboya.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.conversionsapigateway.com *.run.app *.sharethis.com *.filliustam.com *.efilli.com *.googlesyndication.com *.tiktokw.us *.tiktok.com *.imagekit.io cdn.eye-able.com api.paynet.com.tr serdoo-chatbot.s3.eu-west-1.amazonaws.com ws://*.serdoo.com wss://*.serdoo.com *.serdoo.com pcs-statics.paynet.com.tr *.youtube.com *.lottiefiles.com *.bootstrapcdn.com *.googleapis.com *.gstatic.com *.facebook.com *.facebook.net *.googleadservices.com *.googletagmanager.com *.cloudflare.com *.betek.com.tr *.google-analytics.com unpkg.com *.cloudinary.com *.taggbox.com *.fontawesome.com cdn.jsdelivr.net *.doubleclick.net extreme-ip-lookup.com tpc.googlesyndication.com proxy.elfsightcdn.com code.jquery.com *.google.com.tr *.google.com *.instacloud.io; img-src * 'self' data:
strict-transport-security
max-age=63072000

Links to (8)

Linked from (2)