indexo.dev

bdrthermeagroup.com

.com crawl

First seen 2026-04-16 · Last seen 2026-05-11 · ok HTTP/1.1 200 1777 ms crawled 2026-05-11

US · 66.33.60.129 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
BDR Thermea
Language
en
Canonical
https://www.bdrthermeagroup.com/

Open Graph

title
BDR Thermea

Technology

CDN
Vercel
CMS
Joomla
Analytics
  • Google Tag Manager
Cookie consent
  • OneTrust

Third-party hosts loaded (3)

  • edge.sitecorecloud.io×21
  • cdn.cookielaw.org×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
SafeNames Ltd.
Created
2017-03-10
Expires
2027-03-10 293 days left
Updated
2026-03-11
Name servers
  • dns1.safenames.com
  • dns2.safenames.net
  • dns3.safenames.org

DNS records live

NS
  • dns1.safenames.com
  • dns2.safenames.net
  • dns3.safenames.org
MX
  • 10 mxa-001e2d01.gslb.pphosted.com
  • 10 mxb-001e2d01.gslb.pphosted.com
TXT
Show 4 TXT records
  • sc-bdr-prd-cd.azurewebsites.net
  • _miyhqvyo9zssxf6um1vt1v9jjbm8p2f
  • rovag_verification_token=22BA97858D964C96842516195D6BF22B
  • box-domain-verification=f9ba229e62e2d2c9d72472992af9c4eb33717f2f6159824b31a6f35f3d7c338a
Verified for
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com include:spf-001e2d01.pphosted.com include:spf.protection.outlook.com include:spf-westeu.emailsignatures365.com include:_spf.qemailserver.com include:spf.afas.online a:o1.ptr7040.bdrthermeagroup.com ip4:109.234.207.166 ip4:149.72.73.101 ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUORKPlSBBowD71oHGpf7HHZQ0hzljfWepnRNfeEA7GnlSBI0vM/CRsHYHPyqEj2YSwn9uVAjKfwBq…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNIf6ZC8ytFuSm0JZy6P2kZlpZGW0uYy5ZLcXrMwB5M101IWIl4H8+pE7CQmuAlgOPBYn3M7Adft+C5bYE…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSKpVzgJxO2x0bY0yJQAvTd3r6Hp0hMJx+YeXCtw1JmwNlVk/AdOV4Ok/YzGW3vj3IMdpPz0veg3+V8b2Q…
selectors probed

Certificate (current)

R13
from 2026-03-25 to 2026-06-23
Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bdrthermeagroup.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://cdn.cookielaw.org https://privacyportalde-cdn.onetrust.com https://*.youtube.com https://api-engage-eu.sitecorecloud.io https://edge.sitecorecloud.io https://ka-p.fontawesome.com https://kit.fontawesome.com https://xmc-bdrthermea1-platform-production.sitecorecloud.io/ https://xmf.remeha.co.uk https://*.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.g.doubleclick.net https://*.google.com bdr-prd-platform-bdrthermea-8givhkdck-bdr-thermea-group.vercel.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' bdr-prd-platform-bdrthermea-8givhkdck-bdr-thermea-group.vercel.app https://cdn.cookielaw.org https://privacyportalde-cdn.onetrust.com https://api-engage-eu.sitecorecloud.io https://*.googletagmanager.com https://*.google-analytics.com https://kit.fontawesome.com https://*.youtube.com https://vitals.vercel-insights.com https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://www.clarity.ms https:
strict-transport-security
max-age=63072000; includeSubDomains; preload;

Links to (3)

Linked from (1)