aappma-nivelle-cote-basque.com
HTML metadata
Technology
- Server
- OVHcloud
- CMS
- WordPress 6.9.4
- PHP
- 8.2 security-only
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (4)
- assets.pinterest.com×1
- gmpg.org×1
- www.googletagmanager.com×1
- www.vigicrues.gouv.fr×1
Social
Contact
- Phone
Registration
- Registrar
- OVH sas
- Created
- 2014-02-06
- Expires
- 2027-02-06 248 days left
- Updated
- 2026-02-07
- Name servers
-
- dns200.anycast.me
- ns200.anycast.me
DNS records live
- NS
-
- dns200.anycast.me
- ns200.anycast.me
- MX
-
- 1 mx1.mail.ovh.net
- 100 mx3.mail.ovh.net
- 5 mx2.mail.ovh.net
- TXT
-
1|www.aappma-nivelle-cote-basque.com
Email authentication weak
- SPF
-
v=spf1 include:mx.ovh.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 24 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.stripe.com *.google-analytics.com *.typekit.net *.wp.com *.facebook.com *.facebook.net *.instagram.com *.twitter.com *.pinterest.com *.linkedin.com *.calameo.com; media-src 'self' blob:- strict-transport-security
max-age=31536000