indexo.dev

groupebpce.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 1522 ms crawled 2026-05-18

FR · 91.135.181.240 · AS213466 BPCE S.A.

Reputation 100/100

Classifying

HTML metadata

Title
Le Groupe BPCE exerce tous les métiers de la banque et assurance
Description
Le Groupe BPCE, avec ses principales marques Banque Populaire, Caisse d'Epargne et Natixis, est le 2e groupe bancaire en France.
Language
fr-FR
Canonical
https://www.groupebpce.com/
Translations
  • en
  • fr

Open Graph

url
https://www.groupebpce.com/
title
Le Groupe BPCE exerce tous les métiers de la banque et assurance
locale
fr_FR
site name
Groupe BPCE
description
Le Groupe BPCE, avec ses principales marques Banque Populaire, Caisse d'Epargne et Natixis, est le 2e groupe bancaire en France.
locale:alternate
en_GB

Technology

CDN
Amazon CloudFront
CMS
Gatsby

Third-party hosts loaded (2)

  • js.hcaptcha.com×1
  • newsroom.groupebpce.fr×1

Social

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2009-02-25
Expires
2027-02-25 281 days left
Updated
2026-02-21
Name servers
  • ns10.gcetech.net
  • ns11.gcetech.net
  • pdns1.cscdns.net
  • pdns2.cscdns.net

DNS records live

NS
  • ns10.gcetech.net
  • ns11.gcetech.net
  • pdns1.cscdns.net
  • pdns2.cscdns.net
MX
  • 10 mail-in.protection.bpce-it.fr
TXT
Show 18 TXT records
  • _globalsign-domain-verification=a7RjEsg30yLlPazvY6iJphpCggIM9WC5--xSdc6GN-
  • MS=ms16848437
  • 7g6dw7q2ch629mv2f9jtl94ys778wgd7
  • _5ojr99m9rdd1og3jjq2rxtmlgtt7j15
  • _e602j3cvcz9yjfszy2lg2kio9y9b6f7
  • _g3hjto8y4mv37yi5qfkr3j7wdy6yw7v
  • _kivzi4q72i7x807ao4z29j0aqeaspc2
  • _plom9zw524cgi1vlabt0d77e5xz4zoh
  • pqgdlzmsgjv2vqyqgccswvmtv0r26c38
  • pspw5brgz082j1ffxsgjj5w4bj2b7dyz
  • z6qp9jvts0mr30kzqwp4jf1j0s3dyzpg
  • 8jpvnfxbcb41wz1s0x285fx69mwb6sbf
  • apple-domain-verification=gGaNauZ0wkrXKBAE
  • apple-domain-verification=rr3L6pyn5TEhsdh0
  • docusign=ba5f8e7a-1e5c-46a5-9e8e-ce7390a90c77
  • google-site-verification=7bm8PLJ87tfno1r76MS3QSIrCrQEdrr2kxRLRhqqY0U
  • google-site-verification=ESMBqI5lNvyM2wc69eE9s-Hs64l_jrnHkWwWIkBOAkE
  • google-site-verification=czR2_qv1LH721csiUeh2aDbPnfHCYypuESKceWNj5gI

Email authentication strong

SPF
v=spf1 include:_spf.bpce-it.fr -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100; sp=reject; rua=mailto:2478bdc8@inbox.eu.redsift.cloud; ruf=mailto:2478bdc8@inbox.eu.redsift.cloud; adkim=s; aspf=s; fo=0; rf=afrf; ri=3600
policy: reject (enforced) · sp=reject
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpHDPllTItvwkfhWtXFqDyGT50UXCAwqg5nKwGvZTMNlgz8sLtfoc/lNqSzOGONWn8f9o1jFbp/NRz5IsU…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDf2xukXpmssDWLFC3TsmCt71YSnAiSlL7p7F5Iw4RnZQvWqx9imMoDbgetEh90xWvA1GazMb4QpHp3TRxvSrAJDY…
selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-02-11 to 2027-03-15
Expires in 299 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.groupebpce.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak content type protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.dom101.mapres *.dom101.intres *.dom101.prdres hcaptcha.com *.hcaptcha.com *.tiqcdn.com my.tealiumiq.com *.googletagmanager.com *.googleadservices.com *.doubleclick.net *.youtube.com youtube.com *.ausha.co *.2o7.net *.omtrdc.net; connect-src *.dom101.mapres *.dom101.intres *.dom101.prdres 'self' hcaptcha.com *.hcaptcha.com *.tealiumiq.com *.2o7.net *.omtrdc.net; img-src data: 'self' hcaptcha.com *.hcaptcha.com *.gravatar.com *.2o7.net *.omtrdc.net *.googleapis.com *.groupebpce.fr *.intrabpce.fr; style-src 'self' hcaptcha.com *.hcaptcha.com 'unsafe-inline'; font-src data: 'self'; frame-ancestors *.dom101.mapres *.dom101.intres *.dom101.prdres 'self'; frame-src https: *; script-src-attr 'unsafe-inline'; worker-src *.bluecoat.com; report-uri https://www.csp.bpce.fr/v1/record?id=SIUAS; media-src 'self';
strict-transport-security
max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains; preload

Links to (5)

Linked from (16)