indexo.dev

toulon.fr

.fr crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 4946 ms crawled 2026-05-19

FR · 37.59.251.196 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Site officiel de la ville de Toulon
Description
Bienvenue sur le site officiel de la Ville de Toulon : actualités, agenda, infos pratiques pour les habitants et visiteurs.
Language
fr
Generator
Drupal 11 (https://www.drupal.org)
Canonical
https://toulon.fr/

Technology

Server
Apache
CMS
Drupal
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • fonts.googleapis.com×2
  • fonts.gstatic.com×1

Social

Contact

Phone
Address
Avenue de la République,CS 71407

Registration

Registrar
OVH
Created
2004-04-08
Expires
2027-03-16 300 days left
Updated
2026-04-30
Name servers
  • ns1-07.azure-dns.com
  • ns2-07.azure-dns.net
  • ns3-07.azure-dns.org
  • ns4-07.azure-dns.info

DNS records live

NS
  • ns1-07.azure-dns.com
  • ns2-07.azure-dns.net
  • ns3-07.azure-dns.org
  • ns4-07.azure-dns.info
MX
  • 0 toulon-fr.mail.protection.outlook.com
TXT
  • dCzDgRu5yJIqDeQdgwlYS0kbxuAWo7x2K/QQpuLO8/0=
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 ip4:85.169.111.139 include:spf.protection.outlook.com include:spf.mailjet.com ip4:91.232.40.203 -all
strict (-all)
DMARC
v=DMARC1; p=none; pct=10; fo=1; rua=mailto:dmarc_rua@metropoletpm.fr; ruf=mailto:dmarc_ruf@metropoletpm.fr
policy: none (monitoring only) · pct=10
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKJrnv9XeRJ7OXn1ytTJVDon8ce+t0+4rpRIgMJwQOxsG8X7eKX00ZCkaRAUykgw5H9/ijWjgMuaxG…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20k7sQwFckUMzF7CNdXsBCLq018FHTZ3a5qClYJucvb/jh42e7ETMXa0u+G/7Aw5QZogJdvMsL6shB…
selectors probed

Certificate (current)

Certigna Wild CA
from 2026-05-06 to 2026-08-04
Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://toulon.fr/

present
  • content-security-policy
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src * 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src * 'report-sample' 'unsafe-inline'; worker-src *; base-uri *; form-action *; frame-ancestors *
content-security-policy-report-only
object-src 'none'; script-src * 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src * 'report-sample' 'unsafe-inline'; worker-src *; base-uri *; form-action *; frame-ancestors *

Links to (7)

Linked from (11)