sfepa.com

.com crawl

First seen 2026-04-15 · Last seen 2026-05-14 · ok HTTP/1.1 200 3743 ms crawled 2026-05-09

FR · 5.135.111.168 · AS16276 OVH SAS

Reputation 62/100 wrong cert weak security headers no dmarc policy

Classifying

HTML metadata

Title: SFEPA | Syndicat des Fabricants d’Explosifs de Pyrotechnie et d’Artifices
Language: fr-FR

Technology

Server: nginx
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (7)

cdn.jsdelivr.net×3
cdnjs.cloudflare.com×2
fonts.googleapis.com×2
fonts.gstatic.com×1
gmpg.org×1
www.google.com×1
www.googletagmanager.com×1

Contact

Phone

2025-02-06 12

Registration

Registrar

OVH sas

Created

2008-09-22

Expires

2026-09-22 125 days left

Updated

2025-09-23

Name servers

dns12.ovh.net
ns12.ovh.net

DNS records live

NS

dns12.ovh.net
ns12.ovh.net

MX

10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
100 mx100.sfepa.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

MS=5D16D96402F4573255632542624D70FC3A7F9102

Email authentication weak

SPF: v=spf1 mx include:_spf.google.com include:mx.ovh.com include:spf.mailjet.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current) wrong cert

R13

from 2026-03-11 to 2026-06-09

Expires in 20 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://www.sfepa.com/

present

permissions-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")