acrplus.org

.org crawl

First seen 2026-04-29 · Last seen 2026-05-07 · ok HTTP/1.1 200 3618 ms crawled 2026-05-07

FR · 91.121.61.54 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Association of Cities and Regions for sustainable Resource management - Home

Language

Feeds

www.acrplus.org: News / Events RSS

Open Graph

title: Association of Cities and Regions for sustainable Resource management - Home

Technology

Server: Apache

Fonts

Google Fonts

Third-party hosts loaded (2)

fonts.googleapis.com×13
hcaptcha.com×1

Social

Contact

Email

Address

Avenue des Arts 3-4-5, Brussels B1210

Registration

Registrar

OVH sas

Created

2005-07-06

Expires

2026-07-06 47 days left

Updated

2025-08-20

Name servers

dns200.anycast.me
ns200.anycast.me

DNS records live

NS

dns200.anycast.me
ns200.anycast.me

MX

1 acrplus-org.mail.protection.outlook.com

TXT

1|www.acrplus.org

Verified for

Microsoft 365

Email authentication strong

SPF: v=spf1 include:spf.protection.outlook.com include:_spf.netanswer.fr ip4:188.165.185.33 ip4:5.135.60.216 -all
strict (-all)
DMARC: v=DMARC1; p=none
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-04-10 to 2026-07-09

Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.acrplus.org/en/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline' wss://*.hotjar.com *.hotjar.com data:;img-src * data: blob:; connect-src 'self' wss://*.hotjar.com *.hotjar.com *.hotjar.io *.addthis.com lydia-app.com *.lydia-app.com *.openstreetmap.org maps.googleapis.com *.analytics.google.com *.google-analytics.com *.gstatic.com *.hcaptcha.com *.facebook.com *.raygun.io wss://*.crisp.chat *.cometchat.io *.api-eu.cometchat.io *.widget-eu.cometchat.io wss://*.websocket-eu.cometchat.io https://app ; object-src 'self' https://www.youtube.com https://www.dailymotion.com; frame-ancestors 'self' ; base-uri https://acr-plus.netanswer.fr/; form-action 'self' https://login.microsoftonline.com/ https://netanswer.rpxnow.com https://preprod-tpeweb.e-transactions.fr/ https://tpeweb.e-transactions.fr/ https://paiement.creditmutuel.fr https://systempay.cyberpluspaiement.com https://payment-webinit-mercanet.test.sips-atos.com/paymentInit https://payment-webinit-mercanet.test.sips-services.com/paymentInit https://
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (1)

linkedin.com×1

Linked from (1)

rudoflash.fr×1