indexo.dev

fondactions-canmp.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 3582 ms crawled 2026-05-15

FR · 81.252.166.77 · AS3215 Orange

Reputation 100/100

sector nonprofit type homepage

HTML metadata

Title
Accueil | Fond'Actions Jeunes
Description
Bienvenue sur le site du Fond’Actions Jeunes du Crédit Agricole Nord Midi-Pyrénées qui donne l'impulsion aux projets des plus jeunes en financant des formations.
Language
fr

Technology

Server
Apache
Fonts
  • Google Fonts

Third-party hosts loaded (1)

  • fonts.googleapis.com×1

Social

Registration

Registrar
Gandi SAS
Created
2021-01-27
Expires
2027-01-27 251 days left
Updated
2026-01-08
Name servers
  • ns-38-b.gandi.net
  • ns-53-a.gandi.net
  • ns-76-c.gandi.net

DNS records live

NS
  • ns-38-b.gandi.net
  • ns-53-a.gandi.net
  • ns-76-c.gandi.net
MX
  • 10 vade-mx-fr01.hornetsecurity.com
  • 10 vade-mx-fr02.hornetsecurity.com
  • 20 vade-mx-eu-fallback01.hornetsecurity.com
  • 20 vade-mx-eu-fallback02.hornetsecurity.com
Verified for
  • Google

Email authentication strong

SPF
v=spf1 include:spf.hornetsecurity.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine
policy: quarantine
DKIM
  • mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwxd9+aNMru1CzIUe5hRLlnBkfOFtGnGdntEoSvJy7dyhSO638HJRJgM5UmSe5/qoCJemShO+h87uLlCGQIc…
selectors probed

Certificate (current)

R13
from 2026-04-06 to 2026-07-05
Expires in 45 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.fondactions-canmp.com/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, ALLOW-FROM https://fonts.googleapis.com/, ALLOW-FROM https://youtube.com/, ALLOW-FROM https://www.youtube.com/, ALLOW-FROM https://www.gstatic.com/, ALLOW-FROM https://i.ytimg.com/
x-content-type-options
nosniff
content-security-policy
default-src 'self';form-action 'self';frame-ancestors 'self';frame-src www.youtube-nocookie.com;font-src fonts.gstatic.com;connect-src 'self' *.xiti.com;style-src 'self' fonts.googleapis.com 'unsafe-inline' 'nonce-AM5uxzHyOaMd9jCM5LHPA72nBiHXcLze';style-src-attr 'self' 'unsafe-inline';script-src 'unsafe-eval' 'self' *.xiti.com tag.aticdn.net *.pa-cd.com 'nonce-AM5uxzHyOaMd9jCM5LHPA72nBiHXcLze';img-src 'self' data:

Links to (4)

Linked from (1)