hachette-collections.com

HTML metadata

Title

Hachette Collections – Miniatures Autos, Livres Personnalisés, Maquettes, BD… | Hachette Collections

Description

Commandez en ligne des collections exclusives de bandes dessinées, miniatures automobiles, maquettes, loisirs créatifs, figurines et des livres personnalisés pour enfants.

Language

fr

Canonical

/fr-fr/

Translations

es ×5
fr ×3
en ×2
pt ×2
de
it
ja
pl

Technology

CDN: Cloudflare
Stack: PHP

Analytics

Cloudflare Insights
Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (18)

www.hachettecollections.com×2
ar.salvat.com×1
br.salvat.com×1
co.salvat.com×1
fonts.googleapis.com×1
hachettepartworks.com×1
hcj.jp×1
kolekcja-hachette.pl×1
libs.hipay.com×1
mx.salvat.com×1
pe.salvat.com×1
pt.salvat.com×1
static.cloudflareinsights.com×1
tag.aticdn.net×1
www.googletagmanager.com×1
www.hachette.de×1
www.hachette.it×1
www.salvat.com×1

Social

Registration

Registrar

Gandi SAS

Created

1999-07-30

Expires

2026-07-30 70 days left

Updated

2025-06-29

Name servers

abdullah.ns.cloudflare.com
sloan.ns.cloudflare.com

DNS records live

NS

abdullah.ns.cloudflare.com
sloan.ns.cloudflare.com

MX

10 de-smtp-inbound-1.mimecast.com
10 de-smtp-inbound-2.mimecast.com

Verified for

Adobe
Microsoft 365

Email authentication partial

SPF

v=spf1 mx A:mediactive.fr a:mailing.hachette-livre.fr a:afmail.lagardere.fr a:hlvemail1.hachette-livre.fr a:hlmkmail2.hachette-livre.fr a:webmail.hachette-livre.fr a:webmail2.hachette-livre.fr include:spf.protection.outlook.com ip4:31.15.27.144 ip4:31.15.27.145 include:de._netblocks.mimecast.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc-aggregate-report@hachette-livre.fr; ruf=mailto:dmarc-forensic-report@hachette-livre.fr; fo=1; adkim=r; aspf=r; pct=100

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7D+DuTqXO+mLTTWKCu0DejemjpBAxTu05V7pf4O6Y4iV9VIx7v0yHltS/LOtGCzjk3TEV4Z/9s+djL…

selectors probed

Certificate (current)

WE1

from 2026-04-14 to 2026-07-13

Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.hachette-collections.com/fr-fr/

present

strict-transport-security
content-security-policy
x-content-type-options
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy

Header values

permissions-policy: accelerometer=(), geolocation=('self'), fullscreen=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=('self')
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.clarity.ms *.telebalance.tv *.my-probance.one *.privacy-center.org *.cloudflareinsights.com *.criteo.com *.googlesyndication.com *.snapchat.com *.r66net.net *.amazon-adsystem.com *.paa-reporting-advertising.amazon https://sc-static.net *.adform.net https://rules.quantcount.com https://secure.quantserve.com/ https://js.adsrvr.org https://stage-data.hipay.com https://mpsnare.iesnare.com https://libs.hipay.com https://mpsnare.iesnare.com/time.mp3 wss://mpsnare.iesnare.com/star https://mpsnare.iesnare.com/star https://rules.quantcount.com/ https://secure.quantserve.com/ https://js.adsrvr.org https://cdn.sticky.io https://mpsnare.iesnare.com https://libs.hipay.com https://mpsnare.iesnare.com/time https://marketing.hachette-partworks.com https://cdn.wishpond.net/connect.js https://u.videostep.com https://analytics.tiktok.com https://www.clarity.ms https://static.r66net.com https://k.r66net.com https://ks.invibes.com
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (6)

Linked from (1)

mediactive-network.net×3