modelcarsales.fr
modelcarsales.fr
HTML metadata
Technology
- Server
- nginx
- jQuery
- 1.11.0 known XSS (<3.5)
- Stack
- PHP
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (8)
- fonts.googleapis.com×1
- modelcarsales.de×1
- modelcarsales.es×1
- modelcarsales.eu×1
- modelcarsales.it×1
- modelcarsales.nl×1
- www.google.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
Registration
- Registrar
- KEY-SYSTEMS GmbH
- Created
- 2020-04-29
- Expires
- 2027-04-29 331 days left
- Updated
- 2026-05-31
- Name servers
-
- ns1.dnstools.nl
- ns2.dnstools.nl
DNS records live
- NS
-
- ns1.dnsman.nl
- ns2.dnsman.nl
- MX
-
- 10 aspmx.l.google.com
- 20 alt1.aspmx.l.google.com
- 20 alt2.aspmx.l.google.com
- 30 aspmx2.googlemail.com
- 30 aspmx3.googlemail.com
Email authentication weak
- SPF
-
v=spf1 a mx ip4:136.144.207.182 include:_spf.transip.email include:_spf.google.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 69 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self'; connect-src https:; font-src fonts.gstatic.com https:; img-src 'self' https://cdnjs.cloudflare.com data: https:; media-src self; script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com https://www.googletagmanager.com https://code.tidio.co https://widget-v4.tidiochat.com www.google-analytics.com cdnjs.cloudflare.com secure.trust-provider.com connect.facebook.net gullwing.com; style-src 'unsafe-inline' https://fonts.googleapis.com https:; frame-src www.facebook.com www.google.com;- strict-transport-security
max-age=15768000; includeSubDomains