modelcarsales.de
modelcarsales.de
HTML metadata
Technology
- Server
- nginx
- jQuery
- 1.11.0 known XSS (<3.5)
- Stack
- PHP
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (8)
- modelcarsales.eu×2
- fonts.googleapis.com×1
- modelcarsales.es×1
- modelcarsales.fr×1
- modelcarsales.it×1
- modelcarsales.nl×1
- www.google.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
Registration
- Updated
- 2018-08-15
- Name servers
-
- ns1.dnstools.nl.
- ns2.dnstools.nl.
DNS records live
- NS
-
- ns1.dnstools.nl
- ns2.dnstools.nl
- MX
-
- 20 mail.modelcarsales.de
- Verified for
-
Email authentication weak
- SPF
-
v=spf1 include:_spf.google.com include:_spf.transip.email ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 69 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self'; connect-src https:; font-src fonts.gstatic.com https:; img-src 'self' https://cdnjs.cloudflare.com data: https:; media-src self; script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com https://www.googletagmanager.com https://code.tidio.co https://widget-v4.tidiochat.com www.google-analytics.com cdnjs.cloudflare.com secure.trust-provider.com connect.facebook.net gullwing.com; style-src 'unsafe-inline' https://fonts.googleapis.com https:; frame-src www.facebook.com www.google.com;- strict-transport-security
max-age=15768000; includeSubDomains