indexo.dev

cfa-academique-fcomte.fr

.fr crawl

First seen 2026-04-15 · Last seen 2026-05-07 · ok HTTP/1.1 200 597 ms crawled 2026-05-11

FR · 37.59.187.146 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
CFA Académique de Franche-Comté
Description
Des formations en apprentissage dans plusieurs secteurs d’activité : Bâtiment, industrie, service & santé, tertiaire et métiers d’art.
Language
fr-FR
Generator
WordPress 6.9.4
Canonical
https://cfa-academique-fcomte.fr/
Feeds

Open Graph

url
https://cfa-academique-fcomte.fr/
title
CFA Académique de Franche-Comté
locale
fr_FR
site name
CFA Académique Franche-Comté
description
Des formations en apprentissage dans plusieurs secteurs d’activité : Bâtiment, industrie, service & santé, tertiaire et métiers d’art.

Technology

Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • fonts.googleapis.com×5
  • www.googletagmanager.com×2
  • cdn.jsdelivr.net×1
  • fonts.gstatic.com×1
  • gmpg.org×1

Social

Contact

Phone
Address
rue Nicolas Bruand25000

Registration

Registrar
GANDI
Created
2019-10-15
Expires
2026-10-15 147 days left
Updated
2026-04-22
Name servers
  • ns-194-a.gandi.net
  • ns-205-b.gandi.net
  • ns-65-c.gandi.net

DNS records live

NS
  • ns-194-a.gandi.net
  • ns-205-b.gandi.net
  • ns-65-c.gandi.net
MX
  • 10 spool.mail.gandi.net
  • 50 fb.mail.gandi.net
Verified for
  • Brevo
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 a mx ip4:37.59.187.146 include:_mailcust.gandi.net include:_spf.google.com include:gatewayxl.alinto.net ~all
softfail (~all)
DMARC
v=DMARC1; p=none
policy: none (monitoring only)
DKIM
  • dkim: v=DKIM1;h=sha256;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoEtb5if3gvI0g52iG+tu+YhY43qMjqRd1p+51s524iE3at34e83iVO3SISH8fYCCrYssum…
selectors probed

Certificate (current)

R12
from 2026-04-22 to 2026-07-21
Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://cfa-academique-fcomte.fr/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), autoplay=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none'; upgrade-insecure-requests; script-src 'self' 'unsafe-eval' 'unsafe-inline' maps.googleapis.com www.youtube.com www.youtube-nocookie.com s.ytimg.com www.googletagmanager.com www.google-analytics.com www.google.com www.gstatic.com www.recaptcha.net cdn-cookieyes.com cdn.jsdelivr.net www.googleadservices.com googleads.g.doubleclick.net *.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net; img-src 'self' data: blob: https: maps.gstatic.com img.youtube.com *.ytimg.com *.ggpht.com; font-src 'self' data: fonts.gstatic.com; connect-src 'self' maps.googleapis.com www.google-analytics.com region1.google-analytics.com stats.g.doubleclick.net log.cookieyes.com cdn-cookieyes.com www.googletagmanager.com www.google.com www.gstatic.com www.googleadservices.com googleads.g.doubleclick.net *.doubleclick.net; frame-src 'self' app.cookieyes.com www.youtube.com www.yout
strict-transport-security
max-age=15768000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin

Links to (3)

Linked from (1)