indexo.dev

vae.gouv.fr

.fr crawl

First seen 2026-04-14 · Last seen 2026-05-11 · ok HTTP/1.1 200 1047 ms crawled 2026-05-08

FR · 80.247.12.255 · AS50624 Outscale SASU

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
France VAE | Bienvenue sur le portail de la VAE
Description
Découvrez la version beta du portail officiel du service public de la Validation des Acquis de L'Expérience.
Language
fr

Technology

CMS
Next.js

Third-party hosts loaded (1)

  • healing-nature-bb0384846f.media.strapiapp.com×3

Social

Registration

Registrar
NAMESHIELD
Created
2006-09-11
Expires
2027-02-12 269 days left
Updated
2026-02-15
Name servers
  • dns1.alwaysdata.com
  • dns2.alwaysdata.com

DNS records live

NS
  • dns1.alwaysdata.com
  • dns2.alwaysdata.com
MX
  • 10 mx1.alwaysdata.com
  • 20 mx2.alwaysdata.com
TXT
  • google-site-verification=2cQDYFPq9n-PmVqru-caWCT12D3ncYHsy4DHcs5bvRQ
  • Sendinblue-code:428987ceecf949efa42f3c876856de62

Email authentication partial

SPF
v=spf1 include:_spf.alwaysdata.com include:spf.sendinblue.com mx -all
strict (-all)
DMARC
v=DMARC1; p=none; sp=none; rua=mailto:dmarc@vae.gouv.fr; ruf=mailto:dmarc@vae.gouv.fr; rf=afrf; pct=100; ri=86400
policy: none (monitoring only) · sp=none
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

R13
from 2026-04-07 to 2026-07-06
Expires in 48 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://vae.gouv.fr/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; base-uri 'none'; frame-ancestors 'self'; object-src 'none'; img-src https://client.crisp.chat 'self' data: https: ; script-src 'self' https://static.userguiding.com https://public.produktly.com https://matomo.fabrique.social.gouv.fr https://client.crisp.chat 'unsafe-inline'; style-src 'self' https://static.userguiding.com https://public.produktly.com https://matomo.fabrique.social.gouv.fr https://client.crisp.chat 'unsafe-inline'; connect-src 'self' https://client.crisp.chat https://api.produktly.com https://sessions.bugsnag.com https://strapi.vae.gouv.fr https://matomo.fabrique.social.gouv.fr https://auth.vae.gouv.fr https://api-adresse.data.gouv.fr wss://client.relay.crisp.chat; font-src https://client.crisp.chat 'self' data:; frame-src 'self' blob: https://auth.vae.gouv.fr https://plugins.crisp.chat https://metabase.vae.gouv.fr; media-src 'self' https://healing-nature-bb0384846f.media.strapiapp.com https://youtube.com https://dailymotion.com
strict-transport-security
max-age=31536000

Links to (8)

Linked from (3)