snhypnose.fr
HTML metadata
Technology
- Server
- Apache
- jQuery
- 1.7.1 known XSS (<3.5)
- Stack
- PHP
- Fonts
-
- Google Fonts
Third-party hosts loaded (4)
- fonts.googleapis.com×13
- hcaptcha.com×1
- maps.googleapis.com×1
- static.addtoany.com×1
Social
Contact
Registration
- Registrar
- GANDI
- Created
- 2017-05-15
- Expires
- 2029-05-15 1075 days left
- Updated
- 2026-05-09
- Name servers
-
- ns-173-c.gandi.net
- ns-22-b.gandi.net
- ns-57-a.gandi.net
DNS records live
- NS
-
- ns-173-c.gandi.net
- ns-22-b.gandi.net
- ns-57-a.gandi.net
- MX
-
- 10 mx0.netanswer.fr
- 19 mx1.netanswer.fr
- TXT
-
v=DMARC1; p=nonev=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dZUfrXpA3OWhel/zEUxQmVD8IWdrM5TClD1j2KXucTFjDpP/+eZi0y34JLw8tZ+/bAhEk6WTuiJv9tK5PAUFpzut78OHe0JvjS6olvc5LO6cLGfGtkP1WIfc3ZjOK81nkMK9hpB+keq/5XYVcVtTPSYG7Ynra66kBqYHqaogaPseZ6RaoYgWxu9d7lgqy6z/PMFgQwYnSvPGjgVQpoytgVM2jwf9jTgg6btsA/tup97OljKMEKP3c6+/Hz+A5PhJGwlUN8y7bjiSorq9jCZkN4A0Sb0SneA1iI0EgtRv17ZyKiDFa1uN2bi1Sd5EXjWYiiFuCscY3Sb+B7IyBcVLQIDAQAB
Email authentication partial
- SPF
-
v=spf1 a mx include:_spf.netanswer.fr ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=nonepolicy: none (monitoring only) - DKIM
-
Show 12 DKIM selectors
- default:
v=DMARC1; p=none - google:
v=DMARC1; p=none - selector1:
v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dZUfrXpA3OWhel/zEUxQmVD8IWdrM5TClD1j2KXucTFjDpP/+eZi0y34JLw8tZ+/bAh… - selector2:
v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dZUfrXpA3OWhel/zEUxQmVD8IWdrM5TClD1j2KXucTFjDpP/+eZi0y34JLw8tZ+/bAh… - k1:
v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dZUfrXpA3OWhel/zEUxQmVD8IWdrM5TClD1j2KXucTFjDpP/+eZi0y34JLw8tZ+/bAh… - k2:
v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dZUfrXpA3OWhel/zEUxQmVD8IWdrM5TClD1j2KXucTFjDpP/+eZi0y34JLw8tZ+/bAh… - mail:
v=DMARC1; p=none - dkim:
v=DMARC1; p=none - s1:
v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dZUfrXpA3OWhel/zEUxQmVD8IWdrM5TClD1j2KXucTFjDpP/+eZi0y34JLw8tZ+/bAh… - s2:
v=DMARC1; p=none - mxvault:
v=DMARC1; p=none - smtpapi:
v=DMARC1; p=none
selectors probed - default:
Certificate (current)
R12
Expires in 77 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' wss://*.hotjar.com *.hotjar.com data:;img-src * data: blob:; connect-src 'self' wss://*.hotjar.com *.hotjar.com *.hotjar.io *.addthis.com *.pa-cd.com lydia-app.com *.lydia-app.com *.openstreetmap.org maps.googleapis.com *.analytics.google.com *.google-analytics.com *.gstatic.com *.hcaptcha.com *.facebook.com *.raygun.io wss://*.crisp.chat *.cometchat.io *.api-eu.cometchat.io *.widget-eu.cometchat.io wss://*.websocket-eu.cometchat.io cdnjs.cloudflare.com https://app ; object-src 'self' https://www.youtube.com https://www.dailymotion.com; frame-ancestors 'self' ; base-uri https://www.snhypnose.fr/; form-action 'self' https://login.microsoftonline.com/ https://netanswer.rpxnow.com https://preprod-tpeweb.e-transactions.fr/ https://tpeweb.e-transactions.fr/ https://paiement.creditmutuel.fr https://systempay.cyberpluspaiement.com https://payment-webinit-mercanet.test.sips-atos.com/paymentInit https://payment-webinit-mercanet.test.sips-servic- strict-transport-security
max-age=63072000; includeSubDomains; preload