saq.com

HTML metadata

Title

SAQ : Découvrez la sélection de vins, bières et spiritueux en ligne

Description

La SAQ offre l'achat de boissons alcooliques (vins, bières et spiritueux) en magasin au Québec et propose aussi la vente en ligne.

Language

fr

Canonical

https://www.saq.com

Translations

en-ca
fr-ca

Open Graph

url: https://www.saq.com
title: SAQ : Découvrez la sélection de vins, bières et spiritueux en ligne
site name: SAQ
description: La SAQ offre l'achat de boissons alcooliques (vins, bières et spiritueux) en magasin au Québec et propose aussi la vente en ligne.

Technology

CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar

Name SRS AB

Created

1996-02-29

Expires

2027-03-02 287 days left

Updated

2026-02-09

Name servers

ns1.io-servers.com
ns2.io-servers.com

DNS records live

NS

ns1.io-servers.com
ns2.io-servers.com

MX

0 saq-com.mail.protection.outlook.com

TXT

Show 8 TXT records

google-site-verification=ZkLQ6dGivQEU9CRtCWWkMkyCkS6Y0n2U0Q531ezQ_38
09.11.2025
_globalsign-domain-verification=rPXo8dHpj7vs26NW5a29Zp0ibWwz1S2dVe1sEI9zaZ
MS=ms67864234
postman-domain-verification=a88362c030dc9004c02a44c676fb510e604f1bc8445fb2b6a558286be0de90c7a08f22e141302399c4894f070104199a0a49b2cb32ead7051af111085fb70eb8
_globalsign-domain-verification=nEgd2ZEwFix8HpguUA7R-E3I4tjC8JRBPBfzD18Vwu
google-site-verification=gHIPt9aRG8OFhX0yK6qEnCG1KfP7PCBKD_6kBF_a7po
google-site-verification=WiNo-qAMxBEfnXiDQ9cTfcglu0KD-thVDHoi9j9QGKk

Email authentication strong

SPF

v=spf1 mx ip4:198.140.134.10 ip4:207.96.174.138 ip4:209.47.1.69 include:ofsys.com include:spf.givex.com ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;pct=100;rua=mailto:dmarc.saqcom@saq.qc.ca,mailto:saq@dr.dmarc.fr;

policy: reject (enforced)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzldcDhAXavq3rKlq7QYdVC2bO865eQKHmxUq1Fcc1f5f3OCInurd+JK6PIrxCXyEh603PrT2793/bW2V7H…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpxLhBmAToEn6LWG8pwzsz4cuP31kyFWPOmy9cIXaPCOAw1K534KOHz/AjOzEV9lbu/iUoEaJh5LrIGYjqVPUBTY…

selectors probed

Certificate (current)

GlobalSign RSA OV SSL CA 2018

from 2026-02-23 to 2027-03-27

Expires in 312 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.saq.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: font-src fonts.gstatic.com use.typekit.net fonts.googleapis.com data: fonts.gstatic.com/ applepay.cdn-apple.com data: 'self' 'unsafe-inline'; form-action 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https://www.google.com/recaptcha/ www.googletagmanager.com *.googletagmanager.com esqa.moneris.com www3.moneris.com pay.google.com data: youtube.com www.youtube.com vimeo.com google.com www.google.com www.google.ca www.google.fr www.gstatic.com saq.cvmanager.com amc.demdex.com *.spotify.com *.weezevent.com *.moneris.com *.privacy-center.org lepointdevente.com thepointofsale.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google
strict-transport-security: max-age=31536000; includeSubDomains; preload