indexo.dev

banquefrancaisemutualiste.fr

.fr crawl

First seen 2026-04-22 · Last seen 2026-05-14 · ok HTTP/1.1 200 2846 ms crawled 2026-05-16

FR · 194.206.83.250 · AS3215 Orange

Reputation 100/100

sector finance type homepage

HTML metadata

Title
Banque Française Mutualiste - Banque dédiée Fonctionnaire - BFM
Description
La Banque Française Mutualiste accompagne les agents du secteur public avec des taux préférentiels. Découvrez et simulez la solution pour votre pro...
Language
fr-FR
Generator
Ibexa DXP
Canonical
https://banquefrancaisemutualiste.fr/

Open Graph

title
Banque Française Mutualiste - Banque dédiée Fonctionnaire - BFM
site name
Banque Française Mutualiste
description
La Banque Française Mutualiste accompagne les agents du secteur public avec des taux préférentiels. Découvrez et simulez la solution pour votre pro...

Technology

Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • fonts.googleapis.com×2
  • wcb.freezcall.com×2
  • fonts.gstatic.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
Orange Business Services SA, direction EOLAS
Created
2017-03-07
Expires
2026-12-22 215 days left
Updated
2026-02-05
Name servers
  • ns1.espace-client-bfm.fr
  • ns2.espace-client-bfm.fr

DNS records live

NS
  • ns1.espace-client-bfm.fr
  • ns2.espace-client-bfm.fr
TXT
  • _2z57p8ittb1kohcohxmaak6tjxuhy6e
Verified for
  • Google

Email authentication no MX

SPF
v=spf1 -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2025-12-05 to 2026-10-18
Expires in 150 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://banquefrancaisemutualiste.fr/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: www.youtube.com s.ytimg.com; object-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; media-src 'self' https: www.youtube.com; frame-src 'self' https: www.youtube.com; font-src 'self' https:; connect-src 'self' https: wss: www.youtube.com;
strict-transport-security
max-age=15552000; includeSubDomains; preload
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin

Links to (6)

Linked from (3)