evolution-xy.fr

HTML metadata

Technology

Server

Apache

CMS

Drupal

jQuery

1.12 known XSS (<3.5)

Third-party hosts loaded (1)

• cdnjs.cloudflare.com×1

Registration

Registrar

GANDI

Created

2012-12-21

Expires

2027-02-22 265 days left

Updated

2025-11-03

Name servers

• ns-104-a.gandi.net
• ns-116-b.gandi.net
• ns-180-c.gandi.net

DNS records live

NS

• ns-104-a.gandi.net
• ns-116-b.gandi.net
• ns-180-c.gandi.net

MX

• 0 mxa-009d4f01.gslb.pphosted.com
• 0 mxb-009d4f01.gslb.pphosted.com

TXT

• OBpy8HlfaLdbeOOnxjbSF/KAzUD/yEVCxq9FmqrmJ+F2MyV7zfdVeO1lYnfefppu0y8qsp7+rMUbbA1GlGlWdQ==
• tiTLyItuu6bdJWqHKdeDHWEvx5WQJgXSpXfusRClnYw4pnUxJlEr18YfKRqKWrIbNz4goIgvZ7ZFInSeeFyWuA==
• 1|www.evolution-xy.fr

Verified for

• Google

Email authentication partial

SPF

v=spf1 ip4:66.159.244.6 ip4:66.159.246.125 ip4:137.74.29.40 ip4:185.135.126.64 ip4:194.206.123.113 ip4:194.206.123.115 ip4:185.135.126.70 ip4:188.165.118.131 ip4:51.222.193.112 a:mailhost.arsoe-bretagne.com a:mailhost2.arsoe-bretagne.com include:spf.protection.outlook.com include:amazonses.com include:spf.mailjet.com include:spf-009d4f01.pphosted.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:securite.informatique@innoval.com; ruf=mailto:securite.informatique@innoval.com; fo=1

policy: none (monitoring only)

DKIM

• mail: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMqHgCegOR9O3lhcunn8 43QWWun1Qfj/tM1JiTbc6NNh6E1pLAOA9ttoiZpNi7dupy8+VBydUKki/8SnftLx…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.evolution-xy.fr/index/bovin/lait

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing Permissions Policy

Linked from (1)

• topgen.pl×1