cnmwork.fr

HTML metadata

Title: Accueil - CNM Work
Description: Plateforme emploi et annuaire musical du CNM. Offres d'emploi, structures et actualités du secteur musical.
Language: fr
Canonical: https://www.cnmwork.fr/

Open Graph

url: https://www.cnmwork.fr/
title: CNMwork
description: CNMwork est un portail du Centre national de la musique (CNM) proposant un annuaire et des offres d'emplois, de stages, de services dans le secteur musical.

Technology

CMS: Next.js

Fonts

Google Fonts

Third-party hosts loaded (2)

tarteaucitron.io×3
fonts.gstatic.com×1

Social

Contact

Phone

01 83 75 26 00

Address

151-157 avenue de France, 75013, Paris, France

Registration

Registrar

GANDI

Created

2020-10-28

Expires

2026-10-28 162 days left

Updated

2025-10-02

Name servers

dns1.code-and-design.fr
dns2.code-and-design.fr

DNS records live

NS

dns1.code-and-design.fr
dns2.code-and-design.fr

MX

5 cnmwork-fr.mail.protection.outlook.com

TXT

Show 5 TXT records

google-site-verification=0amzqr0DqH5OkTTAbKF1V0_72tZTjZSHXdcB3CPSOoc
Sendinblue-code:2e836f7e3e7234f088c980828d0e074e
google-site-verification=t_sW3DmzFL6r2XTU6ltGD_Tq9sg36ncOvOpHofihGAg
google-site-verification=LAIJHChWKPIK6AvRnLdaoSLpjdzqeJ4YXmK1OF0nIVs
MS=ms98535247

Email authentication partial

SPF

v=spf1 include:_spf.alwaysdata.com include:spf.sendinblue.com include:spf.protection.outlook.com mx ~all

softfail (~all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400

policy: none (monitoring only) · sp=none

DKIM

default: k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2pwu5pDhe3lRy7NjcaQJWbRQv7Ri/EJxcJPQCqg/z7rw/5kuesSdD5AAVna03PDV84UCbP6NaaTjKTrpbykN3p…
selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/IVvcUIIatKjOPPgnRMbYYcEz7XYR6rmd+PRiaTp1oj057mv5dAqHVP36mZrePfOH5K0Gm03WgfTb…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

R13

from 2026-05-04 to 2026-08-02

Expires in 75 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://cnmwork.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), fullscreen=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'nonce-JrZl4qA3KszYjC1Daf1XdQ==' 'unsafe-inline' 'unsafe-eval' https://cdn.matomo.cloud https://stats.cnm.fr https://stats.cnm.fr/js/ https://stats.cnm.fr/matomo.js https://www.google.com https://www.gstatic.com https://tarteaucitron.io https://cdn.tarteaucitron.io; script-src-elem 'self' 'nonce-JrZl4qA3KszYjC1Daf1XdQ==' 'unsafe-inline' 'unsafe-eval' https://cdn.matomo.cloud https://stats.cnm.fr https://stats.cnm.fr/js/ https://stats.cnm.fr/matomo.js https://www.google.com https://www.gstatic.com https://tarteaucitron.io https://cdn.tarteaucitron.io; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.tarteaucitron.io; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.tarteaucitron.io; img-src 'self' data: blob: https://*.matomo.cloud https://stats.cnm.fr https://tarteaucitron.io https://cdn.tarteaucitron.io https:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://*.matom
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin