operadeparis.fr

.fr crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 901 ms crawled 2026-05-18

FR · 89.185.44.102 · AS8426 Claranet Limited

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Opéra national de Paris
Description: Le Palais Garnier et l’Opéra Bastille. Programmation, Billetterie, Informations pratiques.
Language: fr

Open Graph

url: https://www.operadeparis.fr
title: Opéra national de Paris
author: https://www.facebook.com/operadeparis
site name: Opéra national de Paris
description: Le Palais Garnier et l’Opéra Bastille. Programmation, Billetterie, Informations pratiques.

Technology

Server: nginx

Analytics

Google Tag Manager

Third-party hosts loaded (4)

res.cloudinary.com×46
tm4oedch3e.kameleoon.eu×1
www.googletagmanager.com×1
www6.smartadserver.com×1

Social

Registration

Registrar

NAMESHIELD

Created

2000-01-27

Expires

2026-07-15 56 days left

Updated

2025-07-03

Name servers

nsa.perf1.fr
nsb.perf1.com
nsc.perf1.com

DNS records live

NS

nsa.perf1.fr
nsb.perf1.com
nsc.perf1.com

MX

1 operadeparis-fr.mail.protection.outlook.com

TXT

Show 6 TXT records

0ll3k20x1x2fdwj3xdpr11zhppggxsnx
stripe-verification=203c9b33a8ccb1891daf1a2c5a924b75ff378306f914bd0582623dea941e64d7
v=spf2.0/pra mx ip4:185.88.104.169 ip4:212.99.9.70/32 ~all
apple-domain-verification=h2DXLOB6wJdL0qRo
google-site-verification=KK5JFJN-B-Cbm1IRTK6B0b6u5AN3rpDPKEi0NzeK5Ok
facebook-domain-verification=a1yor4x3e3d8aoabwc621q844ijoaw

Email authentication partial

SPF

v=spf1 ip4:185.88.104.169 include:spf.secutix.com include:spf.operadeparis.fr include:spf.protection.outlook.com include:spf.mandrillapp.com -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none; pct=100; rua=mailto:exploitation@operadeparis.fr; ruf=mailto:exploitation@operadeparis.fr; fo=1

policy: none (monitoring only) · sp=none

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvthsE80yLe2vaArQ/aJ5GZ71ZYOwwQPSMxf4o0/WEpKqD3YpEece6oCKQT0hoFccSi03MCDqafubw…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxGfWAWy63Ircc2ifxIJKu1NjZv6dJF69j8v40GLYYi2/NCHWCmX5O1Ho5f/K/m5zyW6HX2pcmJuk1BWOeyE…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryRDrZe9wVSkCmpo35vx5v42osyaVGxMyNhgg6L4+8lwdBf2DjbZ/VLmk3tIuL+KSg76wYxYCoZTuzaP03…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAhr8cUVj6iRuMRSRskRgqUQgliPTEllsIuSH6585FQ8I98ThssC8O/OfNwaDTvH8pDJrIDDiGRkNnV7C2…

selectors probed

Certificate (current)

Gandi RSA Domain Validation Secure Server CA 3

from 2026-03-31 to 2026-10-16

Expires in 149 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.operadeparis.fr/

present

content-security-policy

findings

missing HSTS
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: base-uri 'self';connect-src 'self' *.doubleclick.net wss://operadeparis.local:8080/ws https://operadeparis.local:8080 https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://www.googleadservices.com https://www.google.com https://google.com *.kameleoon.eu https://*.kameleoon.com https://*.kameleoon.io https://*.kameleoon.eu https://data.kameleoon.eu https://*.kameleoon.net *.adtrafficquality.google *.adtrafficquality.google/pagead/sodar *.operadeparis.fr *.mzrn.net *.googlesyndication.com *.google.com *.googleadservices.com *.googletagmanager.com *.google-analytics.com *.axept.io *.axeptio.eu *.axeptio.tech *.imagino.com https://via.batch.com https://ws.batch.com https://*.batch.com *.batch.com *.adnxs.com *.xiti.com *.clarity.ms https://ib.adnxs.com/pixie https://logs1412.xiti.com https://j.clarity.ms/collect https://analytics.tiktok.com *.webservices.francetelevisions.fr https://api-embed.webservices.francetelevisions.fr px.ads.linkedin.com https://api.cloud