dift.com

HTML metadata

Title

Dift, la plateforme pour collecter et donner aux associations | Dift

Description

Choisissez votre cause et créez votre cagnotte solidaire. Dift rend la générosité simple, en offrant aux particuliers et entreprises, un outil pour donner, en confiance

Language

fr

Canonical

https://dift.com

Translations

en
fr

Open Graph

url: https://dift.com
title: Dift, la plateforme pour collecter et donner aux associations | Dift
site name: Dift
description: Choisissez votre cause et créez votre cagnotte solidaire. Dift rend la générosité simple, en offrant aux particuliers et entreprises, un outil pour donner, en confiance

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Cloudflare Insights

Third-party hosts loaded (1)

static.cloudflareinsights.com×1

Social

Registration

Registrar

Scaleway SAS

Created

2005-03-26

Expires

2027-03-26 311 days left

Updated

2026-05-08

Name servers

autumn.ns.cloudflare.com
john.ns.cloudflare.com

DNS records live

NS

autumn.ns.cloudflare.com
john.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

stripe-verification=8ea85d0ec32c7a5b2e844dedc60bc3221b43f91476f85a18370a6eff0dc32fe8
brevo-code:5b3ae57d10dd713709ad8804a550df08
google-site-verification=v2lAR1PYzZhOP3W4qVj1uy9c_JBAVCXyNJ0nfJuGQVI

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:spf.brevo.com include:25117458.spf05.hubspotemail.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:20135043f45648d0a3860ee8e9d91315@dmarc-reports.cloudflare.net; ruf=mailto:20135043f45648d0a3860ee8e9d91315@dmarc-reports.cloudflare.net; fo=1; aspf=s; adkim=s

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO5U8bt4eIUUGMDscsFW7AAA6F67Cu3gMemMTK+21kF1tRz+q2ncMGm9uzl+zdVANxK2Qtc24Zbaqy…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

WE1

from 2026-04-28 to 2026-07-27

Expires in 69 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://dift.com/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self' forms-eu1.hsforms.com app.dift.com app.captaincause.com; script-src 'self' static.hotjar.com script.hotjar.com 'unsafe-eval' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' vercel.live accounts.google.com *.vercel-scripts.com js.hsforms.net static.cloudflareinsights.com static.axept.io client.axept.io https://cdn.jsdelivr.net/npm/@captaincause/dift-widget/dist/dift-widget.min.js tally.so script.hotjar.com static.hotjar.com; style-src 'self' 'unsafe-inline' accounts.google.com fonts.googleapis.com static.hotjar.com script.hotjar.com 'unsafe-inline'; img-src 'self' blob: data: nice-cabbage-5c95c7fc34.media.strapiapp.com dift.com img.youtube.com www.youtube.com forms-eu1.hsforms.com capcause-staging.s3.eu-west-3.amazonaws.com capcause.s3.eu-west-3.amazonaws.com capcause-public-assets.s3.eu-west-3.amazonaws.com axeptio.imgix.net favicons.axept.io *.hotjar.com tile.openstreetmap.org customer-hbcj05wtnws8txq8.cloudflarestream.com app.dift.com app.captaincause.c
strict-transport-security: max-age=63072000; includeSubDomains; preload