- ID de l'analyse :
- a6f5efc4-a409-42a8-a122-514e08e55063Terminée
- URL soumise :
- https://www.eset.com/Redirigé
- Fin du rapport :
Risques : 0 trouvé(s)
Copy linkPratiques potentiellement associées à des risques pour la sécurité
En-têtes de sécurité : 7 trouvé(s)
Copy linkEn-têtes de réponse HTTP qui peuvent renforcer la sécurité d'une application web
En savoir plus...| Nom | Valeur | Assistance | Infos |
|---|---|---|---|
| Strict-Transport-Security | max-age=15724800 | Légitime | Déclarez qu'un site web n'est accessible que dans le cadre d'une connexion sécurisée (HTTPS). Cliquez pour en savoir plus... |
| X-Frame-Options | SAMEORIGIN | Légitime | Indiquez si un navigateur doit être autorisé à afficher une page dans un <frame>, <iframe>, <embed> ou <object>. Cliquez pour en savoir plus... |
| X-Content-Type-Options | nosniff | Légitime | Indiquez que les types MIMES affichés dans les en-têtes Content-type doivent être suivis et non modifiés. Cliquez pour en savoir plus... |
| Content-Security-Policy | default-src 'self' https://*.extole.io; connect-src 'self' http://ad.doubleclick.net https://*.analytics.google.com https://*.api.userway.org https://*.clarity.ms https://*.clickagy.com https://*.demdex.net https://*.eset.com https://*.events.ubembed.com https://*.extole.io https://*.googlesyndication.com https://*.hotjar.com https://*.hotjar.io https://*.optimonk.com https://*.tawk.to https://*.tt.omtrdc.net https://*.zoominfo.com https://acsbapp.com https://ads.reddit.com https://adservice.google.com https://analytics.google.com https://analytics.tiktok.com https://analytics.twitter.com https://aorta.clickagy.com https://api.cloudsponge.com https://api.company-target.com https://api.userway.org https://bat.bing.com https://bat.bing.net https://c.go-mpulse.net https://cdn.acsbapp.com https://cdn.cookielaw.org https://cdn.linkedin.oribi.io https://cdn.userway.org https://cdn1.esetstatic.com https://collect.cloudsponge.com https://conversions-config.reddit.com https://cookies-data.onetrust.io https://ct.pinterest.com https://ep.smct.co https://eset.tt.omtrdc.net https://fapi.eset.cz https://front.optimonk.com https://geolocation.onetrust.com https://googleads.g.doubleclick.net https://ipb.smct.co https://ipb.smct.io https://js.smct.co https://js.smct.io https://js.zi-scripts.com https://maps.googleapis.com https://mapsresources-pa.googleapis.com https://pixel-config.reddit.com https://privacyportal.onetrust.com https://process.acsbapp.com https://px.ads.linkedin.com https://region1.google-analytics.com https://replay.uxtweak.com https://s.yimg.com https://scout.salesloft.com https://script.crazyegg.com https://smct.co https://stats.g.doubleclick.net https://t.co https://tag-logger.demandbase.com https://tracker.clickguard.com https://web1.acsbapp.com https://www.facebook.com https://www.g2.com https://www.google-analytics.com https://www.google.by https://www.google.ch https://www.google.co.uk https://www.google.co.uz https://www.google.com https://www.google.com.tj https://www.google.com.tr https://www.google.es https://www.google.ie https://www.google.kg https://www.google.kz https://www.google.lt https://www.google.lv https://www.google.pl https://www.google.ru https://www.googletagmanager.com https://www.mczbf.com https://www.redditstatic.com https://www.redditstatic.com wss://*.hotjar.com wss://*.tawk.to; font-src 'self' data: https://*.extole.io https://*.gstatic.com https://acsbapp.com https://api.cloudsponge.com https://cdn-content.optimonk.com https://cdn-custom.optimonk.com https://cdn.acsbapp.com https://cdn.userway.org https://cf.xtlo.net https://embed.tawk.to https://fonts.smct.co https://fonts.smct.io https://origin.xtlo.net https://script.hotjar.com https://www.eset.com; form-action 'self' https://enjoy.eset.com https://int.forms.eset.com https://notify.eset.com https://protects.eset.com https://s1069307879.t.eloqua.com https://secure.eset-la.com https://store.eset.com https://support.eset.com https://webto.salesforce.com https://www.facebook.com; frame-ancestors 'self' https://www.eset.com; frame-src 'self' https://*.fls.doubleclick.net https://4144895.extforms.netsuite.com https://8117415.fls.doubleclick.net https://bid.g.doubleclick.net https://buy.eset.com https://cdn.userway.org https://cj.dotomi.com https://download.eset.com https://embed.tawk.to https://eset.demdex.net https://hemsync.clickagy.com https://int.form.eset.com https://js.smct.io https://ls.smct.co https://protectdemo.eset.com https://protects.eset.com https://s.company-target.com https://sgtm.eset.com https://smct.co https://support.eset.com https://td.doubleclick.net https://tpc.googlesyndication.com https://tr.snapchat.com https://unity.survey-solutions.cloud https://vars.hotjar.com https://widget.trustpilot.com https://www.brighttalk.com https://www.buzzsprout.com https://www.emjcd.com https://www.facebook.com https://www.google.com https://www.googletagmanager.com https://www.paperturn-view.com https://www.riddle.com https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: http://ad.doubleclick.net https://*.adform.net https://*.ads.linkedin.com https://*.extole.io https://*.gstatic.com https://*.krxd.net https://*.tawk.to https://*.yahoo.co.jp https://aa.agkn.com https://ad.doubleclick.net https://ade.googlesyndication.com https://adservice.google.at https://adservice.google.ch https://adservice.google.co.jp https://adservice.google.com https://adservice.google.de https://alb.reddit.com https://analytics.google.com https://analytics.twitter.com https://aorta.clickagy.com https://api.cloudsponge.com https://assets.capterra.com https://bat.bing.com https://bat.bing.net https://c.bing.com https://c.clarity.ms https://captcha.eset.com https://cdn.acsbapp.com https://cdn.cookielaw.org https://cdn.esetstatic.com https://cdn.jsdelivr.net https://cdn.smct.co https://cdn.smct.io https://cdn.userway.org https://cdn1.esetstatic.com https://cf.xtlo.net https://cj.dotomi.com https://cm.everesttech.net https://cm.g.doubleclick.net https://connect.facebook.net https://dc.ads.linkedin.com https://dpm.demdex.net https://dsum-sec.casalemedia.com https://editor-upload-cdn.optimonk.com https://events.smct.co https://fapi.eset.cz https://googleads.g.doubleclick.net https://home.eset.com https://i.ytimg.com https://id.rlcdn.com https://idsync.rlcdn.com https://images.g2crowd.com https://insight.adsrvr.org https://maps.googleapis.com https://match.adsrvr.org https://origin.xtlo.net https://pagead2.googlesyndication.com https://pixel-sync.sitescout.com https://pixel.rubiconproject.com https://proeesweufesto01.blob.core.windows.net https://proeeswusfesto01.blob.core.windows.net https://pubads.g.doubleclick.net https://px.ads.linkedin.com https://px.steelhousemedia.com https://q.quora.com https://region1.analytics.google.com https://region1.google-analytics.com https://s786665.t.eloqua.com https://script.hotjar.com https://sgtm.eset.com https://ssitecat.eset.com https://ssl.google-analytics.com https://static.hotjar.com https://stats.g.doubleclick.net https://t.co https://tags.bluekai.com https://tags.w55c.net https://tawk.link https://tribl.io https://trk.crozdesk.com https://us-u.openx.net https://usermatch.krxd.net https://web1.acsbapp.com https://www.emjcd.com https://www.facebook.com https://www.google-analytics.com https://www.google.ad https://www.google.ae https://www.google.al https://www.google.am https://www.google.at https://www.google.az https://www.google.ba https://www.google.be https://www.google.bf https://www.google.bg https://www.google.bi https://www.google.bj https://www.google.bs https://www.google.bt https://www.google.by https://www.google.ca https://www.google.cd https://www.google.cf https://www.google.cg https://www.google.ch https://www.google.ci https://www.google.cl https://www.google.cm https://www.google.cn https://www.google.co.ao https://www.google.co.bw https://www.google.co.cr https://www.google.co.id https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.kr https://www.google.co.ls https://www.google.co.ma https://www.google.co.mz https://www.google.co.nz https://www.google.co.th https://www.google.co.tz https://www.google.co.ug https://www.google.co.uk https://www.google.co.uz https://www.google.co.ve https://www.google.co.vi https://www.google.co.za https://www.google.co.zm https://www.google.co.zw https://www.google.com https://www.google.com.af https://www.google.com.ag https://www.google.com.ar https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.bn https://www.google.com.bo https://www.google.com.br https://www.google.com.bz https://www.google.com.co https://www.google.com.cu https://www.google.com.cy https://www.google.com.do https://www.google.com.ec https://www.google.com.eg https://www.google.com.et https://www.google.com.fj https://www.google.com.gh https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.jm https://www.google.com.kh https://www.google.com.kw https://www.google.com.lb https://www.google.com.ly https://www.google.com.mm https://www.google.com.mt https://www.google.com.mx https://www.google.com.my https://www.google.com.na https://www.google.com.ng https://www.google.com.ni https://www.google.com.np https://www.google.com.om https://www.google.com.pa https://www.google.com.pe https://www.google.com.pg https://www.google.com.ph https://www.google.com.pk https://www.google.com.pr https://www.google.com.py https://www.google.com.qa https://www.google.com.sa https://www.google.com.sb https://www.google.com.sg https://www.google.com.sl https://www.google.com.sv https://www.google.com.tj https://www.google.com.tr https://www.google.com.tw https://www.google.com.ua https://www.google.com.uy https://www.google.com.vc https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.de https://www.google.dj https://www.google.dk https://www.google.dm https://www.google.dz https://www.google.ee https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ga https://www.google.ge https://www.google.gg https://www.google.gl https://www.google.gm https://www.google.gr https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ht https://www.google.hu https://www.google.ie https://www.google.im https://www.google.iq https://www.google.is https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.ki https://www.google.kz https://www.google.la https://www.google.li https://www.google.lk https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.me https://www.google.mg https://www.google.mk https://www.google.ml https://www.google.mn https://www.google.mu https://www.google.mv https://www.google.mw https://www.google.ne https://www.google.nl https://www.google.no https://www.google.nr https://www.google.pl https://www.google.ps https://www.google.pt https://www.google.ro https://www.google.rs https://www.google.ru https://www.google.rw https://www.google.sc https://www.google.se https://www.google.si https://www.google.sk https://www.google.sm https://www.google.sn https://www.google.so https://www.google.sr https://www.google.td https://www.google.tg https://www.google.tl https://www.google.tm https://www.google.tn https://www.google.tt https://www.google.vg https://www.google.vu https://www.googleadservices.com https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.mczbf.com; manifest-src 'self'; media-src 'self' https://api.userway.org https://api.userway.org https://api.userway.org https://cdn.userway.org https://cdn.userway.org https://embed.tawk.to https://web1.acsbapp.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.cookielaw.org https://*.extole.io https://*.js.ubembed.com https://*.mountain.com https://*.optimonk.com https://*.replay.uxtweak.com https://*.salesforceliveagent.com https://*.ubembed.com https://*.xtlo.net https://a.quora.com https://acsbap.com https://acsbapp.com https://analytics.tiktok.com https://api.cloudsponge.com https://assets.esetstatic.com https://bat.bing.com https://cdn.esetstatic.com https://cdn.jsdelivr.net https://cdn.linkedin.oribi.io https://cdn.userway.org https://cdn1.esetstatic.com https://cdnjs.cloudflare.com https://connect.facebook.net https://ct.capterra.com https://d.la1-c2-cdg.salesforceliveagent.com https://d3pkntwtp2ukl5.cloudfront.net https://embed.playbuzz.com https://embed.tawk.to https://embed.typeform.com https://fapi.eset.cz https://gleam.io https://googleads.g.doubleclick.net https://img.en25.com https://img06.en25.com https://invitejs.trustpilot.com https://js.gleam.io https://js.smct.co https://js.smct.io https://js.zi-scripts.com https://maps.googleapis.com https://pagead2.googlesyndication.com https://platform.twitter.com https://refer.eset.com https://s786665.t.eloqua.com https://scout-cdn.salesloft.com https://script.hotjar.com https://sgtm.eset.com https://smct.co https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://static.hotjar.com https://store.eset.com https://tag.demandbase.com https://tags.clickagy.com https://tpc.googlesyndication.com https://tribl.io https://trk.crozdesk.com https://visitor.technologyadvice.com https://widget.trustpilot.com https://ws.zoominfo.com https://www.brighttalk.com https://www.buzzsprout.com https://www.clarity.ms https://www.emjcd.com https://www.google-analytics.com https://www.google.ae https://www.google.am https://www.google.at https://www.google.be https://www.google.bg https://www.google.bs https://www.google.by https://www.google.ca https://www.google.cg https://www.google.ch https://www.google.ci https://www.google.cl https://www.google.cm https://www.google.co.id https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ma https://www.google.co.nz https://www.google.co.th https://www.google.co.uk https://www.google.co.uz https://www.google.co.ve https://www.google.co.za https://www.google.co.zw https://www.google.com https://www.google.cz https://www.google.de https://www.google.dj https://www.google.dz https://www.google.ee https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ge https://www.google.gr https://www.google.hr https://www.google.hu https://www.google.ie https://www.google.kg https://www.google.kz https://www.google.lk https://www.google.lt https://www.google.md https://www.google.me https://www.google.mk https://www.google.nl https://www.google.pl https://www.google.ps https://www.google.pt https://www.google.ro https://www.google.ru https://www.google.se https://www.google.si https://www.google.sk https://www.google.tn https://www.googleadservices.com https://www.googleoptimize.com https://www.googletagmanager.com https://www.mczbf.com https://www.paperturn-view.com https://www.redditstatic.com https://www.riddle.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://*.extole.io https://*.tawk.to https://api.cloudsponge.com https://cdn-asset.optimonk.com https://cdn-content.optimonk.com https://cdn.jsdelivr.net https://cdn.userway.org https://fonts.googleapis.com https://fonts.smct.co https://fonts.smct.io https://script.hotjar.com https://static.hotjar.com; worker-src 'self'; report-uri https://www-eset-com.api.cspconsole.com/v1/reports; report-to csp-endpoint; | Légitime | Contrôlez les ressources que l'agent utilisateur est autorisé à charger pour une page donnée. Cliquez pour en savoir plus... |
| Referrer-Policy | no-referrer-when-downgrade | Légitime | Contrôlez la quantité d'informations de référence à inclure avec les requêtes. Cliquez pour en savoir plus... |
| Clear-Site-Data | — | Légitime | Contrôlez les données stockées par un navigateur client pour les serveurs d'origine. Cliquez pour en savoir plus... |
| X-Permitted-Cross-Domain-Policies | — | Légitime | Contrôlez si un client web tel que Adobe Flash Player ou Adobe Acrobat dispose de l'autorisation nécessaire pour manipuler les données parmi les domaines. Cliquez pour en savoir plus... |
| Permissions-Policy | — | Nouveau | Autoriser et refuser l'utilisation des fonctionnalités du navigateur dans un document ou un iframe. Cliquez pour en savoir plus... |
| Cross-Origin-Embedder-Policy | — | Nouveau | Configurez l'intégration des ressources d'origines croisées dans le document. Cliquez pour en savoir plus... |
| Cross-Origin-Opener-Policy | — | Nouveau | Vérifiez qu'un document de niveau supérieur ne partage pas de groupe de contexte de navigation avec des documents d'origines croisées. Cliquez pour en savoir plus... |
| Cross-Origin-Resource-Policy | — | Nouveau | Demandez à ce que le navigateur bloque les requêtes d'origines croisées/sites croisés qui ne sont pas de type CORS pour la ressource donnée. Cliquez pour en savoir plus... |
| X-XSS-Protection | 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce | Obsolète | Obsolète. Empêche le chargement des pages en cas de détection d'attaques par réflexion de type cross-site scripting (XSS) Cliquez pour en savoir plus... |
| Feature-Policy | accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none' | Obsolète | Obsolète. Remplacement par l'en-tête Autorisations-Politique. Cliquez pour en savoir plus... |
| Expect-CT | — | Obsolète | Obsolète. Choix volontaire de signaler ou appliquer les exigences de transparence de certificat. Cliquez pour en savoir plus... |
| Public-Key-Pins | — | Obsolète | Obsolète. Permet aux sites web HTTPS de résister à l'usurpation d'identité par des acteurs malveillants qui utiliseraient des certificats frauduleux ou émis de manière indue. Cliquez pour en savoir plus... |
Violations de sécurité : 0 trouvée(s)
Copy linkRequêtes et ressources qui constituent une infraction aux politiques de sécurité
Certificats : 13 trouvé(s)
Copy linkLes certificats SSL/TLS permettent aux sites web de chiffrer les transactions entre le client et le serveur et de procéder à une vérification de l'identité du serveur
| Sujet | Date d'émission | Date d'expiration |
|---|---|---|
| www.eset.com | 13 janv. 2025, 00:00:00 | 18 janv. 2026, 23:59:59 |
| *.esetstatic.com | 30 sept. 2024, 00:00:00 | 3 oct. 2025, 23:59:59 |
| api.eset.com | 26 févr. 2024, 00:00:00 | 25 févr. 2025, 23:59:59 |
| jsdelivr.net | 30 juil. 2024, 15:36:05 | 31 août 2025, 15:36:04 |
| *.google-analytics.com | 9 déc. 2024, 08:36:18 | 3 mars 2025, 08:36:17 |
| api.buy.eset.com | 3 avr. 2024, 00:00:00 | 2 avr. 2025, 23:59:59 |
| tawk.to | 19 nov. 2024, 00:49:22 | 17 févr. 2025, 00:49:21 |
| 1667503734.rsc.cdn77.org | 4 déc. 2024, 04:53:02 | 4 mars 2025, 04:53:01 |
| *.js.ubembed.com | 5 déc. 2024, 17:34:09 | 5 mars 2025, 17:34:08 |
| sgtm.eset.com | 23 juil. 2024, 00:00:00 | 22 juil. 2025, 23:59:59 |