ladiesbank.fr

.fr crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 3992 ms crawled 2026-05-19

NL · 20.73.169.12 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Accueil - LB
Language: fr-FR
Canonical: https://www.ladiesbank.fr/

Open Graph

url: https://www.ladiesbank.fr/
title: Accueil
locale: fr_FR
site name: LB

Technology

CDN: Cloudflare
CMS: WordPress

Cookie consent

OneTrust

Fonts

Google Fonts

Third-party hosts loaded (3)

tag.aticdn.net×2
cdn.cookielaw.org×1
fonts.gstatic.com×1

Social

Contact

Phone

2025-02-06 12

Registration

Registrar

SAFEBRANDS

Created

2015-05-12

Expires

2027-05-12 356 days left

Updated

2026-05-03

Name servers

ns1.safebrands.fr
ns2.safebrands.eu
ns3.safebrands.com
ns4.safebrands.org
ns5.safebrands.tech

DNS records live

NS

ns1.safebrands.fr
ns2.safebrands.eu
ns3.safebrands.com
ns4.safebrands.org
ns5.safebrands.tech

MX

10 mx-01.mail-forwarder.io
10 mx-02.mail-forwarder.io

Verified for

Google

Email authentication weak

SPF: v=spf1 include:mailgun.org include:relay.mail-forwarder.io ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Thawte TLS RSA CA G1

from 2025-11-05 to 2026-10-18

Expires in 150 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.ladiesbank.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN, SAMEORIGIN
permissions-policy: accelerometer=(), geolocation=(), fullscreen=(self), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' *.sentry.io *.friendlycaptcha.com *.friendlycaptcha.eu cdn.cookielaw.org geolocation.onetrust.com privacyportal-de.onetrust.com pilau.oddo-bhf.com check.real3dflipbook.net am-nextsuite.oddo-bhf.com; font-src 'self' data: *.wp.com fonts.googleapis.com fonts.gstatic.com *.typekit.net; img-src 'self' data: *.gravatar.com *.openstreetmap.org *.basemaps.cartocdn.com cdn.cookielaw.org t.gp.oddo-bhf.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net cdn.cookielaw.org tag.aticdn.net *.youtube.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' *.youtube.com cdn.cookielaw.org img06.en25.com tag.aticdn.net; style-src 'self' 'unsafe-inline'; frame-src 'self' data: player.vimeo.com www.youtube.com mailto: *.frcapi.com *.cloud.microsoft; manifest-src 'self'; worker-src 'self' blob:; form-action 'self' *.facebook.com; object-src 'none';
strict-transport-security: max-age=31536000
cross-origin-opener-policy: cross-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin

Links to (2)

instagram.com×4
linkedin.com×4

Linked from (1)

oddo-bhf.com×4