indexo.dev

iast.fr

.fr crawl

First seen 2026-04-23 · Last seen 2026-05-16 · ok HTTP/1.1 200 4899 ms crawled 2026-05-16

FR · 141.0.206.159 · AS39405 Eurofiber France SAS

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
IAST | Institute For Advanced Study in Toulouse
Language
en
Generator
Drupal 7 (http://drupal.org)
Canonical
https://www.iast.fr/
Feeds

Open Graph

url
https://www.iast.fr/
title
IAST
site name
IAST
description
Institute For Advanced Study in Toulouse

Technology

Server
Apache
CMS
Drupal
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • fonts.googleapis.com×3
  • ajax.googleapis.com×1

Social

Registration

Registrar
GANDI
Created
2011-05-27
Expires
2027-04-29 345 days left
Updated
2025-06-06
Name servers
  • ns-1-c.gandi.net
  • ns-135-b.gandi.net
  • ns-33-a.gandi.net

DNS records live

NS
  • ns-1-c.gandi.net
  • ns-135-b.gandi.net
  • ns-33-a.gandi.net
MX
  • 0 iast-fr.mail.protection.outlook.com
TXT
  • MS=ms87921319

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:spf.mailjet.com ip4:141.0.206.159 ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

GandiCert
from 2026-03-02 to 2026-09-17
Expires in 121 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.iast.fr/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
sameorigin
permissions-policy
autoplay=(self), sync-xhr=(self), geolocation=(self)
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.tse-fr.eu *.couleur-citron.com ; frame-src 'self' *.google.com *.buzzsprout.com *.youtube.com *.youtube-nocookie.com ; connect-src 'self' *.couleur-citron.com *.matomo.cloud *.doubleclick.net *.googleapis.com *.google-analytics.com *.facebook.com *.youtube-nocookie.com *.oribi.io ; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.couleur-citron.com *.googletagmanager.com *.buzzsprout.com *.youtube.com *.youtube-nocookie.com *.google.com *.facebook.com *.gstatic.com *.googleapis.com *.facebook.net *.licdn.com *.google-analytics.com *.matomo.cloud *.linkedin.com ; font-src 'self' *.googleapis.com *.gstatic.com ; style-src 'self' 'unsafe-inline' *.googleapis.com *.youtube.com *.youtube-nocookie.com ;
strict-transport-security
max-age=31536000; includeSubDomains

Links to (14)

Linked from (2)