indexo.dev

louvre.fr

.fr toplist crawl

First seen 2026-04-11 · Last seen 2026-05-15 · ok HTTP/1.1 200 892 ms crawled 2026-05-08

GB · 195.157.4.140 · AS8426 Claranet Limited

Reputation 100/100

Classifying

HTML metadata

Title
Site officiel du musée du Louvre
Description
Préparez votre visite, découvrez les lieux emblématiques du palais et les collections du musée et suivez l'actualité du Louvre et des Tuileries.
Language
fr
Canonical
https://www.louvre.fr/
Translations
  • en
  • es
  • zh-hans

Open Graph

title
Site officiel du musée du Louvre
site name
Le Louvre

Technology

Server
wadp2
CMS
Drupal

Social

Registration

Registrar
GANDI
Created
1995-07-16
Expires
2026-12-30 225 days left
Updated
2025-12-07
Name servers
  • ns0.fr.claradns.net
  • ns1.fr.claradns.net
  • ns2.fr.claradns.net

DNS records live

NS
  • ns0.fr.claradns.net
  • ns1.fr.claradns.net
  • ns2.fr.claradns.net
MX
  • 1 d349869a.ess.barracudanetworks.com
  • 1 d349869b.ess.barracudanetworks.com
TXT
  • MS=ms46938011
  • teamviewer-sso-verification=2b4692338519425695cef641d1bce041
  • google-site-verification=2Y5RJkNMxo9M98WG1Nc1GdaI6Pt13aUTYizD9NI5q_s

Email authentication strong

SPF
v=spf1 a ip4:89.185.38.128/28 ip4:89.185.38.135/32 ip4:89.185.38.200/29 ip4:78.153.243.182/32 ip4:89.185.38.213/32 ip4:89.185.38.212/32 include:spf.mandrillapp.com include:_spf.datapressepremium.com include:spf.mailjet.com include:mail.zendesk.com include:spf.ess.barracudanetworks.com -all
strict (-all)
DMARC
v=DMARC1;p=quarantine;pct=100;adkim=r;aspf=r;rua=mailto:dmarc@louvre.fr;ruf=mailto:dmarc@louvre.fr;fo=0
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYCk8nZ3jR0AgaVowhYmaxGsDaBlABIPZi8CmkYhFawzX8+4RnbkCEtCcPiZieruWj325YE0zBBEHz…
selectors probed

Certificate (current)

Gandi RSA Domain Validation Secure Server CA 3
from 2026-01-26 to 2027-01-27
Expires in 253 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.louvre.fr/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
fullscreen=(self "https://www.youtube.com" "https://player.vimeo.com" "https://livemap.getwemap.com"),geolocation=(self "https://livemap.getwemap.com")
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://api-www.louvre.fr;base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;script-src 'self' 'strict-dynamic' 'unsafe-inline' https://tag.aticdn.net https://www.youtube.com 'nonce-19d8b719-4026-44c4-ba00-037b18a8d6e8';img-src 'self' data: https://api-www.louvre.fr https://i.ytimg.com https://i.vimeocdn.com;media-src 'self' https://api-www.louvre.fr https://*.ausha.co https://*.radiofrance-podcast.net;connect-src 'self' https://api-www.louvre.fr fxxslpn.pa-cd.com https://*.clarity.ms;frame-src https://www.youtube.com https://player.vimeo.com https://livemap.getwemap.com https://embed.radiofrance.fr/;frame-ancestors 'none';form-action 'self' https://api-www.louvre.fr;manifest-src 'self';font-src 'self' https://fonts.gstatic.com;object-src 'none';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Links to (9)

Linked from (19)