indexo.dev

bdsmovement.net

.net crawl

First seen 2026-04-11 · Last seen 2026-05-20 · ok HTTP/1.1 200 1372 ms crawled 2026-05-04

US · 172.66.138.149 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
BDS Movement | BDS MOVEMENT
Description
The Boycott, Divestment, Sanctions (BDS) movement works to end international support for Israel's oppression of Palestinians.
Language
en
Generator
Drupal 10 (https://www.drupal.org)
Canonical
https://bdsmovement.net/node/3
Translations
  • ar
  • en
  • es

Open Graph

url
https://bdsmovement.net/node/3
title
BDS MOVEMENT
site name
BDS Movement
description
The Boycott, Divestment, Sanctions (BDS) movement works to end international support for Israel's oppression of Palestinians.

Technology

CDN
Cloudflare
CMS
Drupal
Analytics
  • Cloudflare Insights
  • Google Tag Manager
Fonts
  • Adobe Fonts
  • Google Fonts
Third-party hosts loaded (7)
  • unpkg.com×5
  • fonts.googleapis.com×2
  • cc.cdn.civiccomputing.com×1
  • fonts.gstatic.com×1
  • static.cloudflareinsights.com×1
  • use.typekit.net×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
DNC Holdings, Inc.
Created
2006-11-28
Expires
2026-11-28 191 days left
Updated
2023-12-01
Name servers
  • coco.ns.cloudflare.com
  • peyton.ns.cloudflare.com

DNS records live

NS
  • coco.ns.cloudflare.com
  • peyton.ns.cloudflare.com
MX
  • 5 mta-gw.infomaniak.ch
TXT
  • v=spf1 include:_spf.google.com include:_spf.mayfirst.org include:spf.infomaniak.ch -all
Verified for
  • Brevo
  • Google

Certificate (current)

WE1
from 2026-04-16 to 2026-07-15
Expires in 56 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://bdsmovement.net/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' unpkg.com cc.cdn.civiccomputing.com *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.ssl.google-analytics.com *.tagmanager.google.com https://static.cloudflareinsights.com *.twitter.com https://www.instagram.com/embed.js *.cloudflare.com https://www.google.com/recaptcha/api.js *.lglforms.com; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com use.typekit.net p.typekit.net unpkg.com; media-src 'self'; frame-src 'self' *.youtube.com *.youtube-nocookie.com youtu.be *.vimeo.com *.sibforms.com *.charityweb.net *.twitter.com *.instagram.com *.cloudflare.com https://www.google.com/recaptcha/api.js *.lglforms.com https://www.google.com; frame-ancestors 'self'; child-src 'self'; font-src 'self' fonts.gstatic.com use.typekit.net; connect-src 'self' apikeys.civiccomputing.com *.googletagmanager.com *.google-analytics.com *.cloudflare.com ipapi.co nominatim.openstreetmap.org; report-uri /report-csp-violation; upgr
strict-transport-security
max-age=1000, max-age=15768000

Links to (5)

Linked from (34)