indexo.dev

upsti.fr

.fr crawl

First seen 2026-04-13 · Last seen 2026-05-07 · ok HTTP/1.1 200 3311 ms crawled 2026-05-07

FR · 178.33.84.55 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
UPSTI
Language
fr-fr
Generator
Joomla!, SEBLOD

Technology

Server
Apache
CMS
Joomla
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • fonts.googleapis.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
OVH
Created
2006-06-26
Expires
2026-06-26 38 days left
Updated
2025-07-31
Name servers
  • dns.ovh.net
  • ns.ovh.net

DNS records live

NS
  • dns.ovh.net
  • ns.ovh.net
MX
  • 0 upsti-fr.mail.protection.outlook.com
TXT
  • google-site-verification=3HfLgOpuENMYtkpL_FFP3lqWUZ18IrfMc3yJSrN7fW0

Email authentication strong

SPF
v=spf1 include:mx.ovh.com ip4:37.59.136.176/32 ip4:37.59.136.168/32 ip4:146.59.157.90/32 ip4:178.33.84.55/32 ip6:2001:41d0:128:300:0:136:176:1/112 ip6:2001:41d0:128:300:0:136:168:1/112 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1;p=none;rua=mailto:postmaster@upsti.fr;sp=none;aspf=r;
policy: none (monitoring only) · sp=none
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleBDm2n7TKKycTgc4tqyn634s1NYXQHUw6hCGoyQyUXe0r3ZySemP8QGfsowiXJwF82opfV5FMxux6…
selectors probed

Certificate (current)

E7
from 2026-05-03 to 2026-08-01
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.upsti.fr/

present
  • content-security-policy
  • x-content-type-options
  • permissions-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; sync-xhr 'self'; usb 'none'; wake-lock 'none'; xr 'none';
x-content-type-options
nosniff
content-security-policy
default-src 'none'; object-src 'self'; frame-src 'self' https://upsti.pinault-bigeard.com https://www.tf1.fr https://*.googleapis.com https://calendar.google.com https://*.office365.com/ https://login.microsoftonline.com/ https://*.twitter.com https://twitter.com https://*.twimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net https://*.linkedin.com https://checkout.stripe.com https://*.dailymotion.com https://*.vimeocdn.com https://*.vimeo.com https://*.ytimg.com https://www.youtube.com https://www.youtube-nocookie.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://www.google.com/jsapi https://www.google.com/uds/ https://www.gstatic.com https://*.googleapis.com https://maps.google.com https://maps.google.fr https://*.gstatic.com https://www.googletagmanager.com https://*.apis.google.com https://apis.google.com https://ssl.google-analytics.com https://*.ggpht.com https://tagmanager.google.com https://*.googletagservices.co

Links to (12)

Linked from (1)