hiscox.fr

HTML metadata

Title

Assurance Professionnelle en ligne | Devis gratuit | Hiscox FR

Description

Votre devis en ligne en 3 min avec l'assurance professionnelle Hiscox, adaptée aux TPE, PME, freelances et indépendants.

Language

fr

Generator

Drupal 10 (https://www.drupal.org)

Canonical

https://www.hiscox.fr/

Translations

de-de
en-gb
en-us
nl-nl

Open Graph

url: https://www.hiscox.fr/
title: Assurance Rc Pro HISCOX
locale: fr_FR
site name: Assurance Rc Pro HISCOX
description: Votre devis en ligne en 3 min avec l'assurance professionnelle Hiscox, adaptée aux TPE, PME, freelances et indépendants.

Technology

CDN: Cloudflare
CMS: Drupal

Analytics

Cloudflare Insights
Google Tag Manager

Third-party hosts loaded (10)

cdnjs.cloudflare.com×4
js.hsforms.net×2
cdn.jsdelivr.net×1
static.cloudflareinsights.com×1
widget.trustpilot.com×1
www.googletagmanager.com×1
www.hiscox.co.uk×1
www.hiscox.com×1
www.hiscox.de×1
www.hiscox.nl×1

Social

Contact

Phone

01 53 21 82 82

Registration

Registrar

CSC CORPORATE DOMAINS INC.

Created

1999-06-08

Expires

2026-08-23 96 days left

Updated

2025-08-24

Name servers

ns1-02.azure-dns.com
ns2-02.azure-dns.net
ns3-02.azure-dns.org
ns4-02.azure-dns.info

DNS records live

NS

ns1-02.azure-dns.com
ns2-02.azure-dns.net
ns3-02.azure-dns.org
ns4-02.azure-dns.info

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

Show 9 TXT records

11aRWx - 130776_SMS2_3981
google-site-verification=DCg0bNKaI0RhzlbedYLwGh4OR3hyATv3HtQCIW1GESQ
d365mktkey=GCLdnzwj4aarxfxqbmc0p7EiXgteZplZ4qMi3I3Ny3Qx
MS=ms59479044
sy4zckk2ld5rr19qjwkfzvns9my9vxd5
_em51ltblo7m4iv7z7a5a5ynsmet2x7m
_globalsign-domain-verification=m5zSi-c-ny4_MWycZb0wzfPO4F0KlPDfxQlfb4ueEF
wLnOfj2txHR5RvjhIT8iKX6SnmNdbNGDcJAtL73DOAAiQFgR9I4P8Jjb6cOl+TjK9SiSPWXr3jlnVdKkmSsvgQ==
EssJH/E6bmU9Am37g/gz+ZMJeTTSizJWXVYqhZFG5Hs=

Email authentication strong

SPF: v=spf1 include:_netblocks.mimecast.com ~all
softfail (~all)
DMARC: v=DMARC1; p=reject; rua=mailto:0782b17d5857572@rep.dmarcanalyzer.com; ruf=mailto:0782b17d5857572@for.dmarcanalyzer.com; fo=1;
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2025-05-15 to 2026-06-05

Expires in 17 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.hiscox.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),ambient-light-sensor=(),attribution-reporting=(),autoplay=(),bluetooth=(),browsing-topics=(),camera=(),compute-pressure=(),cross-origin-isolated=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-create=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),speaker-selection=(),storage-access=(),usb=(),web-share=(),window-management=(),xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'none'; style-src * 'unsafe-inline'; img-src * 'self' data: https:; media-src *; frame-src *; frame-ancestors 'self' *.hiscox.fr; child-src *; font-src * data:; connect-src *; report-uri /report-csp-violation
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin