abby.fr

HTML metadata

Title

Logiciel de Facturation Gratuit Indépendants | Abby

Description

Le logiciel de facturation gratuit n°1 pour les indépendants et auto-entrepreneurs. Factures illimitées, facturation électronique 2026 (Plateforme Agréée), déclarations URSSAF, comptabilité. 100 000+ utilisateurs.

Language

fr-FR

Canonical

https://abby.fr

Translations

fr
fr-fr

Open Graph

url: https://abby.fr/
title: Logiciel de Facturation Gratuit Indépendants
locale: fr_FR
site name: Abby
description: Le logiciel de facturation gratuit n°1 pour les indépendants et auto-entrepreneurs. Factures illimitées, facturation électronique 2026 (Plateforme Agréée), déclarations URSSAF, comptabilité. 100 000+ utilisateurs.

Technology

CDN: Amazon CloudFront
CMS: Nuxt

Fonts

Google Fonts

Third-party hosts loaded (2)

fonts.googleapis.com×1
fonts.gstatic.com×1

Social

Contact

Address: 223 avenue du Général Leclerc, 54000, Nancy, FR

Registration

Registrar

GANDI

Created

2006-06-15

Expires

2026-11-24 189 days left

Updated

2025-12-05

Name servers

ns-1385.awsdns-45.org
ns-1553.awsdns-02.co.uk
ns-194.awsdns-24.com
ns-529.awsdns-02.net

DNS records live

NS

ns-1385.awsdns-45.org
ns-1553.awsdns-02.co.uk
ns-194.awsdns-24.com
ns-529.awsdns-02.net

MX

1 smtp.google.com

TXT

Show 7 TXT records

firebase=app-abby-production
google-site-verification=HjERqlFnG4GkIrO2_iLQtG7hH1NhNGR3k8ZQ5vxlqDk
google-site-verification=Ol_zqeYHKEP3R5bOAyvEwqedaokQxNNz0CirRVQzJ7E
openai-domain-verification=dv-QNRftJeG1gLyBOtW31AMsS5v
anthropic-domain-verification-2z6wxz=5UBeEtfB3ATIs619zpJ1gt74B
apple-domain-verification=cYB2YEnKESr6LqeS
brevo-code:f823f02353a1acb3d6aa102e684c3d32

Email authentication partial

SPF

v=spf1 include:_spf.google.com include:_spf.firebasemail.com include:spf.brevo.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com,mailto:re+nrjekjkeejj@dmarc.postmarkapp.com

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/EacO5o3DCsMXX27JcE78gATrke3Rg6Qt4gQ7j6Iy1+fsWikH8mnK/+aNTJOE6YSlcLFqa+C9VHMVyswdwK…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2025-09-18 to 2026-10-18

Expires in 152 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://abby.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data: blob: https: https://*.hotjar.com https://*.disqus.com https://*.disquscdn.com; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; script-src 'nonce-MZ4H21hNFJiM3aOpI2aTP8xl' 'strict-dynamic' 'self' 'wasm-unsafe-eval' https://widget.intercom.io https://js.intercomcdn.com https://static.hotjar.com https://script.hotjar.com https://*.disqus.com https://*.disquscdn.com; upgrade-insecure-requests; connect-src 'self' https: wss: https://*.hotjar.com wss://*.hotjar.com https://*.disqus.com; frame-src https://widget.intercom.io https://player.vimeo.com https://app.livestorm.co https://*.hotjar.com https://www.youtube.com https://*.youtube.com https://lp.abby.fr https://metrics.abby.fr https://disqus.com https://*.disqus.com;
strict-transport-security: max-age=15552000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin

Links to (7)

Linked from (1)

gestme.fr×2