mesdroitssociaux.gouv.fr

.fr crawl

First seen 2026-04-11 · Last seen 2026-05-20 · ok HTTP/1.1 200 1081 ms crawled 2026-05-18

FR · 81.80.42.167 · AS3215 Orange

Reputation 100/100

Classifying

HTML metadata

Title: Mes Droits Sociaux
Language: fr

Technology

Server: MSAWS

Registration

Registrar

NAMESHIELD

Created

2017-01-25

Expires

2027-02-20 275 days left

Updated

2026-02-23

Name servers

a.ns.developpement-durable.gouv.fr
b.ns.developpement-durable.gouv.fr
nsa.perf1.fr
nsb.perf1.com
nsc.perf1.com

DNS records live

NS

a.ns.developpement-durable.gouv.fr
b.ns.developpement-durable.gouv.fr
nsa.perf1.fr
nsb.perf1.com
nsc.perf1.com

MX

10 mesdroitssociaux-gouv-fr.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com ip4:90.83.51.64/26 ip4:194.5.191.0/24 mx -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j0ivgf+TIQJAv/aeLGURgUFJFiafX5B3dm1fNnCu5hSA0sFIv6IaqV7f6b5cOSO5Q4qu5h4ujUAjw…

selectors probed

Certificate (current)

Certigna Services CA

from 2026-04-13 to 2026-07-12

Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.mesdroitssociaux.gouv.fr/accueil/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://tag.aticdn.net https://scripts.told.club; img-src 'self' https://*.xiti.com https://www.mesdroitssociaux.gouv.fr https://*.numerique.gouv.fr https://evolt.imgix.net data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self' data:; frame-src 'self' https://geo.dailymotion.com https://www.dailymotion.com https://widget.told.club; connect-src 'self' https://*.xiti.com https://*.dev-franceconnect.fr https://app.franceconnect.gouv.fr https://api.told.club https://*.gouv.fr; object-src 'none'
strict-transport-security: max-age=31536000;

Linked from (8)

mesquestionsdargent.fr×3
pour-les-personnes-agees.gouv.fr×2
creuse-grand-sud.fr×2
saif.fr×2
ville-royan.fr×2
cc-bdp.fr×1
minedinfos.fr×1
complementaire-sante-solidaire.gouv.fr×1