univ-st-etienne.fr

.fr crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 2295 ms crawled 2026-05-18

FR · 161.3.1.48 · AS1724 Renater

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Bienvenue sur le site de l'Université Jean Monnet - Saint-Etienne - Université Jean Monnet

Language

Generator

Ametys CMS Open source (http://www.ametys.org)

Feeds

Technology

Server: nginx

Fonts

Google Fonts

Third-party hosts loaded (1)

fonts.googleapis.com×1

Contact

Phone

Address

Rue Tréfilerie – CS 82301

Registration

Registrar

GIP RENATER

Created

1994-12-31

Expires

2026-12-31 224 days left

Updated

2026-03-11

Name servers

eip1.u-ga.fr
eip2.u-ga.fr
janon.univ-st-etienne.fr
ns2.nic.fr
stroph.univ-st-etienne.fr

DNS records live

NS

eip1.u-ga.fr
eip2.u-ga.fr
janon.univ-st-etienne.fr
ns2.nic.fr
stroph.univ-st-etienne.fr

MX

50 mx1.relay.renater.fr
50 mx2.relay.renater.fr

Verified for

Apple
Google
HARICA

Email authentication partial

SPF

v=spf1 a:aix.univ-st-etienne.fr a:coise.univ-st-etienne.fr include:spf.partage.renater.fr include:spf.relay.renater.fr include:sendgrid.net include:spf.eudonet.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc-reports@univ-st-etienne.fr; ruf=mailto:dmarc-reports@univ-st-etienne.fr

policy: none (monitoring only)

DKIM

mail: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAw6b4mr0bGGXSDxwJLXXiU7JPxX8sE56AXbQAbLrTWdk0Tkp/6J79gufox+n3gY/5mi…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/mO3vVh4WEDevMwBDZJPmr8VVryMOFSQBCZlSqgMX70Z2rmDko89IdLfeYRoN1A57IZOYfNkamyHzE4uXs…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45TzT5iOEbQR6S/Aw/WZ2ZwVtnb9Qrx0vqNzJwme3DryoT8essbmcDqfYcn8AJwRk2zwFhUO5LvdorG8fCLslh/…

selectors probed

Certificate (current)

GEANT TLS ECC 1

from 2025-10-15 to 2026-10-15

Expires in 147 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.univ-st-etienne.fr/fr/index.html

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
weak frame protection
weak content type protection

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: ALLOW-FROM https://docs.ametys.org, SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=*, battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https: data: ms-word: ms-powerpoint: ms-excel: ms-visio: ms-access: ms-project: ms-publisher: ms-infopath: vnd.libreoffice.command:, frame-ancestors 'self' https://mydrive.univ-st-etienne.fr https://mydrive-ng.univ-st-etienne.fr https://laboratoirehubertcurien.univ-st-etienne.fr
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (2)

campusfrance.org×3
transform4europe.eu×3