gites.fr — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Locations de Vacances : Gîtes, Appartements, Résidences et Campings
Description: Recherchez un Gîte en France - Guide par Région, Carte Interactive et Moteur de Recherche
Language: fr-FR
Canonical: https://www.gites.fr/

Open Graph

title: Locations de Vacances : Gîtes, Appartements, Résidences et Campings
description: Recherchez un Gîte en France - Guide par Région, Carte Interactive et Moteur de Recherche

Technology

CDN: Amazon CloudFront

Analytics

Google Analytics
Google Tag Manager

Ads

Meta Pixel
Taboola

Third-party hosts loaded (13)

static.holidu.com×148
img.holidu.com×8
assets.holidu.com×7
www.googletagmanager.com×2
api.holidu.com×1
bat.bing.com×1
cdn.taboola.com×1
cdnjs.cloudflare.com×1
connect.facebook.net×1
retrack-kupona.kuponacdn.de×1
static2.holidu.com×1
widget.trustpilot.com×1
www.google-analytics.com×1

Contact

Address: Riesstraße 24, 80992, Munich, DE

Registration

Registrar

OVH

Created

2007-04-17

Expires

2030-05-06 1431 days left

Updated

2025-05-12

Name servers

ns-1040.awsdns-02.org
ns-1784.awsdns-31.co.uk
ns-705.awsdns-24.net
ns-86.awsdns-10.com

DNS records live

NS

ns-1040.awsdns-02.org
ns-1784.awsdns-31.co.uk
ns-705.awsdns-24.net
ns-86.awsdns-10.com

MX

1 smtp.google.com

Verified for

Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:_spf.google.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; sp=reject; pct=100; fo=1; ri=3600; rua=mailto:mailreports@holidu.com; ruf=mailto:mailreports@holidu.com

policy: reject (enforced) · sp=reject

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3PECQ/4Fpj5I8iBGW3KQRbUn+JyHKStXfaCxmEHOxGhYw1enKVsL3fUCeooMO/gksZZMQ+fSeWom/WSMP7Z…

selectors probed

Certificate (current)

Amazon RSA 2048 M04

from 2025-09-10 to 2026-10-10

Expires in 127 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.gites.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: https://challenges.cloudflare.com;style-src 'self' 'unsafe-inline' https:;img-src 'self' data: https: http:;font-src 'self' data: https:;connect-src 'self' https: ws: wws: https://challenges.cloudflare.com;frame-src 'self' https:;worker-src 'self' blob:;frame-ancestors 'self' https://*.holidu.com https://*.holidu.cloud https://*.holidu.io https://tsmart.tomas-travel.com
strict-transport-security: max-age=15552000

Links to (2)

holidu.fr×1
cybevasion.fr×1