criollos.fr

.fr crawl

First seen 2026-04-16 · Last seen 2026-05-11 · ok HTTP/1.1 200 1494 ms crawled 2026-05-11

FR · 51.38.184.93 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Artisan chocolatier à la Rochelle - Criollos Thomas Pontacq
Description: Découvrez Criollos, chocolaterie artisanale haut de gamme Rochelaise, fondée par Thomas Pontacq. Une référence parmi les 60 meilleurs chocolatiers de France.
Language: fr-FR
Canonical: https://www.criollos.fr/

Open Graph

url: https://www.criollos.fr/
title: Artisan chocolatier à la Rochelle - Criollos Thomas Pontacq
locale: fr_FR
site name: Criollos
description: Découvrez Criollos, chocolaterie artisanale haut de gamme Rochelaise, fondée par Thomas Pontacq. Une référence parmi les 60 meilleurs chocolatiers de France.
price:currency: EUR

Technology

Server: Apache

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar

OVH

Created

2006-08-17

Expires

2026-06-21 30 days left

Updated

2024-09-13

Name servers

dns113.ovh.net
ns113.ovh.net

DNS records live

NS

dns113.ovh.net
ns113.ovh.net

MX

1 mx1.mail.ovh.net
100 mx3.mail.ovh.net
5 mx2.mail.ovh.net

TXT

1|www.criollos.fr
mandrill_verify.MGP7Gnk1FIia8Yx8NQIzrg

Verified for

Google

Email authentication partial

SPF

v=spf1 include:mx.ovh.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

from 2026-03-25 to 2026-06-23

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.criollos.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), camera=(), microphone=(), fullscreen=(), payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axept.io https://*.mapbox.com https://*.colissimo.fr https://www.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.google.com https://*.gstatic.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://fonts.axept.io https://*.fontawesome.com https://*.jquery.com https://stackpath.bootstrapcdn.com; img-src 'self' data: https://axeptio.imgix.net; font-src 'self' data: https://fonts.axept.io https://stackpath.bootstrapcdn.com; connect-src 'self' https://*.axept.io https://*.google-analytics.com https://*.googleapis.com https://*.google.com https://api.mapbox.com https://*.mapbox.com https://cdn.segment.com https://api.segment.io; frame-src 'self' blob: https://*.google.com; frame-ancestors 'self';
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin

Links to (5)

Linked from (1)

beantobar-france.fr×2