indexo.dev

pass-alsace.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-12 · ok HTTP/1.1 200 1781 ms crawled 2026-05-07

US · 104.18.28.244 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Pass'Alsace : visiter les sites touristiques d'Alsace
Description
Le Pass'Alsace est la clé d'accès aux plus beaux sites touristiques d'Alsace. Châteaux, musées ou parcs animaliers d'Alsace n'attendent plus que vous !
Language
fr
Canonical
https://www.pass-alsace.com/lang/fr
Translations
  • de
  • en
  • es
  • fr

Open Graph

url
https://www.pass-alsace.com/
title
Pass'Alsace : visiter les sites touristiques d'Alsace
description
Le Pass'Alsace est la clé d'accès aux plus beaux sites touristiques d'Alsace. Châteaux, musées ou parcs animaliers d'Alsace n'attendent plus que vous !

Technology

CDN
Cloudflare
CMS
WordPress
Analytics
  • Cloudflare Insights
Fonts
  • Google Fonts
Third-party hosts loaded (10)
  • cdn.otipass.com×25
  • fonts.googleapis.com×4
  • static.otipass.cloud×4
  • passalsace.otipass.net×3
  • cdn.jsdelivr.net×1
  • fonts.gstatic.com×1
  • otipass.cloud×1
  • static.cloudflareinsights.com×1
  • widgets.rr.skeepers.io×1
  • www.facebook.com×1

Social

Contact

Phone
Address
80 rue du château, 26740, Montboucher-sur-Jabron, FR

Registration

Registrar
OVH sas
Created
2013-02-04
Expires
2027-02-04 260 days left
Updated
2026-04-22
Name servers
  • byron.ns.cloudflare.com
  • tina.ns.cloudflare.com

DNS records live

NS
  • byron.ns.cloudflare.com
  • tina.ns.cloudflare.com
MX
  • 1 mx0.mail.ovh.net
  • 5 mx1.mail.ovh.net
  • 50 mx2.mail.ovh.net
  • 500 mx3.mail.ovh.net

Email authentication partial

SPF
v=spf1 include:mx.ovh.com ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-04-22 to 2026-07-21
Expires in 63 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.pass-alsace.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
no-referrer-when-downgrade
permissions-policy
geolocation=(self https://umap.openstreetmap.fr https://livemap.getwemap.com), microphone=(), camera=(self)
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.payzen.eu/ https://grc.amiens-tourisme.com/ https://*.welogin.fr/ https://*.openopenagenda.com https://cdn.openagenda.com https://*.calameo.com https://*.lillemetropole.fr https://*.matomo.org https://*.facebook.net https://www.google.com https://www.gstatic.com https://unpkg.com https://static.otipass.cloud https://*.openstreetmap.org https://livemap.getwemap.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://matomo.otipass.net https://connect.facebook.net https://client.crisp.chat https://umap.openstreetmap.fr https://widgets.rr.skeepers.io https://static.systempay.fr https://analytic.larochelle-tourisme.com https://www.google-analytics.com https://www.googletagmanager.com https://vsgptest.acquitysoftware.com/; worker-src 'self' blob:; child-src 'self' blob:; frame-src 'self' blob: https://*.payzen.eu/ https://grc.amiens-tourisme.com/ https://www.google.com https://www.gstatic.com https://umap.openstreetmap.fr h
strict-transport-security
max-age=15552000; includeSubDomains

Links to (11)

Linked from (2)