demarches-simplifiees.fr

.fr crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 1647 ms crawled 2026-05-18

FR · 176.31.79.200 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Carry out an administrative procedure online · demarche.numerique.gouv.fr
Language: en
Canonical: https://demarche.numerique.gouv.fr/

Technology

Server: nginx

Third-party hosts loaded (1)

demarche.numerique.gouv.fr×1

Social

Registration

Registrar

OVH

Created

2018-01-30

Expires

2027-01-30 254 days left

Updated

2026-02-28

Name servers

dns200.anycast.me
ns200.anycast.me

DNS records live

NS

dns200.anycast.me
ns200.anycast.me

MX

1 mx4.mail.ovh.net
10 mx3.mail.ovh.net

TXT

1|www.demarches-simplifiees.fr

Verified for

Brevo
Google

Email authentication partial

SPF

v=spf1 include:mx.ovh.com include:spf.brevo.com -all

strict (-all)

DMARC

v=DMARC1;p=none;rua=mailto:rua@dmarc.brevo.com;

policy: none (monitoring only)

DKIM

mail: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2…

selectors probed

Certificate (current)

Certigna Services CA

from 2026-04-22 to 2026-07-21

Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.demarches-simplifiees.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: img-src 'self' data: blob: *.openstreetmap.org *.cloud.ovh.net image.crisp.chat * static.demarches-simplifiees.fr stats.data.gouv.fr; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: client.crisp.chat cdn.jsdelivr.net integration.lasuite.numerique.gouv.fr unpkg.com stats.data.gouv.fr; style-src 'self' 'unsafe-inline' client.crisp.chat unpkg.com cdn.jsdelivr.net; connect-src 'self' client.crisp.chat wss://client.relay.crisp.chat storage.crisp.chat integration.lasuite.numerique.gouv.fr app.franceconnect.gouv.fr openmaptiles.data.gouv.fr openmaptiles.geo.data.gouv.fr openmaptiles.github.io tiles.geo.api.gouv.fr data.geopf.fr object.data.gouv.fr demarche.numerique.gouv.fr www.demarches-simplifiees.fr sentry.io static.demarches-simplifiees.fr data.geopf.fr data.education.gouv.fr geo.api.gouv.fr stats.data.gouv.fr; frame-src 'self' stats.data.gouv.fr static.demarches-simplifiees.fr *.crisp.help; default-src 'self' data: blob: 'report-sample' integration.lasuite.numerique.gouv.fr fonts.g
strict-transport-security: max-age=63072000