h3ds.fr
Technology
- Server
- nginx
Registration
- Registrar
- OVH
- Created
- 2011-06-15
- Expires
- 2026-06-15 26 days left
- Updated
- 2024-05-21
- Name servers
-
- ns1.h3ds.fr
- ns2.h3ds.fr
DNS records live
- NS
-
- ns1.h3ds.fr
- ns2.h3ds.fr
- MX
-
- 10 mail.h3ds.fr
- TXT
-
google-site-verification=tXKFuFt08HOhQujfovtudCmKGYcLiompTKwCdMOdUVYgoogle-site-verification=cTxMgTMqRa9W8fxxesHwSpLm_DbzkLZCfBJieJeOhl8
Email authentication partial
- SPF
-
v=spf1 +a +mx +ip4:195.154.199.182 ?allneutral (?all) - DMARC
-
v=DMARC1;p=none;pct=100;policy: none (monitoring only) - DKIM
-
- default:
v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L9lWO6oSTRVeqreUitsPDnDkWJ9sZlsixl3rmbzQjfKO++Av+5VbBNq0t2d2nK6vvaShK5Qe7G+7Hbi1TFf9…
selectors probed - default:
Certificate (current)
R13
Expires in 76 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
sameorigin- permissions-policy
geolocation=(self), microphone=()- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com fonts.googleapis.com www.googletagmanager.com stackpath.bootstrapcdn.com ajax.googleapis.com cdn.jsdelivr.net; connect-src 'self' www.google-analytics.com;img-src * 'self' data: https: www.h3ds.fr www.w3.org www.google-analytics.com; style-src 'self' 'unsafe-inline' h3ds.fr bootstrapcdn.com fonts.googleapis.com stackpath.bootstrapcdn.com cdn.lineicons.com; object-src 'none'; frame-src 'self' www.youtube.com; font-src 'self' fonts.gstatic.com cdn.lineicons.com stackpath.bootstrapcdn.com;- strict-transport-security
max-age=63072000; includeSubdomains; preload