fayard.fr

.fr crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 1564 ms crawled 2026-05-18

FR · 217.70.184.55 · AS29169 GANDI SAS

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Fayard
Description: Découvrez tous les livres et les auteurs de Fayard, maison d'édition française fondée en 1857. Littérature, Actualités, Histoire, Sciences Humaines.
Language: fr
Canonical: https://www.fayard.fr/

Open Graph

url: https://www.fayard.fr/
title: Fayard
description: Découvrez tous les livres et les auteurs de Fayard, maison d'édition française fondée en 1857. Littérature, Actualités, Histoire, Sciences Humaines.

Technology

CDN: Amazon CloudFront
Server: AmazonS3
CMS: Next.js

Fonts

Google Fonts

Third-party hosts loaded (2)

media.hachette.fr×32
fonts.gstatic.com×1

Social

Contact

Phone

01 45 49 82 00

Address

13 rue du Montparnasse75006 ParisphoneTéléphonecontactsSoumettre un manuscritquestion_answerContact

Registration

Registrar

GANDI

Created

2002-06-12

Expires

2027-06-15 391 days left

Updated

2026-05-15

Name servers

ns-161-a.gandi.net
ns-221-b.gandi.net
ns-3-c.gandi.net

DNS records live

NS

ns-161-a.gandi.net
ns-221-b.gandi.net
ns-3-c.gandi.net

MX

10 hlmail2.hachette-livre.fr
50 hlmail1.hachette-livre.fr

TXT

google-site-verification=TCP_MK9JVlOJLrdkOFM7ZaQQ3JuSyXeqCxxy0VuvGwY

Email authentication weak

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Gandi RSA Domain Validation Secure Server CA 3

from 2025-09-12 to 2026-10-12

Expires in 145 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.fayard.fr/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; frame-ancestors 'none'; font-src * 'self' data: https://fonts.gstatic.com; script-src * data: blob: 'unsafe-inline' 'unsafe-eval' https://plugins.flockler.com https://sdk.privacy-center.org/ https://api.privacy-center.org/ https://www.googleadservices.com https://www.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com; style-src * 'self' 'unsafe-inline' https://fonts.googleapis.com https://sdk.privacy-center.org/ https://api.privacy-center.org/
strict-transport-security: max-age=63072000; includeSubdomains; preload