parismatch.com

HTML metadata

Title: Paris Match
Description: Sur Paris Match, tous les jours, retrouvez l'actualité nationale et internationale et l'actu de vos people préférés
Language: fr

Open Graph

url: https://www.parismatch.com
title: Paris Match
description: Sur Paris Match, tous les jours, retrouvez l'actualité nationale et internationale et l'actu de vos people préférés

Technology

CDN: Amazon CloudFront

Analytics

Google Tag Manager

Ads

Xandr

Third-party hosts loaded (19)

www.googletagmanager.com×2
529463906×1
acdn.adnxs.com×1
boot.pbstck.com×1
cdn.jsdelivr.net×1
cdn.opecloud.com×1
cdn.pbstck.com×1
com.ldf.parismatch.view×1
geo.dailymotion.com×1
logs1242.xiti.com×1
news.google.com×1
p.a2d.io×1
profiles.tagger.opecloud.com×1
refresh.pbstck.com×1
t.seedtag.com×1
tracking.lqm.io×1
www.facebook.com×1
www.lagarderenews.io×1
www.tag.agrvt.com×1

Social

Registration

Registrar

Nameshield SAS

Created

1996-05-16

Expires

2027-05-17 363 days left

Updated

2026-02-06

Name servers

ns-1344.awsdns-40.org
ns-1719.awsdns-22.co.uk
ns-320.awsdns-40.com
ns-610.awsdns-12.net

DNS records live

NS

ns-1344.awsdns-40.org
ns-1719.awsdns-22.co.uk
ns-320.awsdns-40.com
ns-610.awsdns-12.net

MX

10 mxa-0024c501.gslb.pphosted.com
10 mxb-0024c501.gslb.pphosted.com

TXT

Show 12 TXT records

google-gws-recovery-domain-verification=56991829
google-site-verification=ECvub6XCLODKgyKAuULVPA96NZuoqESWBavrCoQChHw
include:_shortspf.launchmetrics.com include:spf-0024c501.pphosted.com include:spf.voxpay.fr include:spf-002edd01.pphosted.com include:spf.protection.outlook.com
MS=ms79177281
RC7rQipS6djJGRTnCaTUQUhyYLEen8t9dUB7nEBQSKKz+LR74WVJ8fq7vI88ZOBzBEo/ueP8S74WyQJDxPeFOw==
_gh-lesechosleparisien-o.parismatch.com=032a889b99
a:smtp-crm.ediis.fr a:afmail.lagardere.fr -all
atlassian-domain-verification=SEGpG4bTVeaxNo1890aT5ZMHYvsauMXSeXc7Va6/mIJgaD6FmVxaKgcWryHpf2aH
botify-site-verification=wKocLwxm1Mu6oyRx6bpY4qc6CUufNjaG
bw=gSAClN26kMEWTzlGePg7D5qBahzF1nmX9BwnwQGPBgFQ
dropbox-domain-verification=gqtrxpdcapz2
facebook-domain-verification=bu1pefnuhp77f95jmeztno95r96fiv

Email authentication strong

SPF

v=spf1 ip4:41.250.253.113 ip4:91.223.84.0/24 ip4:85.116.32.0/19 ip4:178.248.184.0/24 ip4:81.92.112.0/20 ip4:212.121.162.0/24 ip4:51.91.64.57 ip4:51.178.133.37 ip4:194.51.172.0/24

no all qualifier

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com

policy: reject (enforced)

DKIM

default: v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrctW5Q/oddS/N/5zho+iSe4wLYYICOTklLha6nJTH5hAKllt+n3na6KNouHHlE0Je1/8AheFPrc3/GqQKRZjN…
selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/CYbtkodpfbK5BZ5GCjDL7icU0NEoB5RHLgBHqcdFQ2VwYkYKucSlqdfADxLISHPTghOKes4qy44P…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2026-02-01 to 2027-03-02

Expires in 287 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.parismatch.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: ch-ua-model=*, ch-ua-platform-version=*
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; script-src https: 'unsafe-inline' 'unsafe-eval' https://*.permutive.com; connect-src https: https://*.permutive.com; img-src https: data: https://*.permutive.com; style-src https: 'unsafe-inline'; font-src https: data:; media-src https: data: blob:; worker-src https: blob:;
strict-transport-security: max-age=31536000