indexo.dev

bigmat.fr

.fr crawl

First seen 2026-04-13 · Last seen 2026-05-13 · ok HTTP/1.1 200 2975 ms crawled 2026-05-06

US · 52.84.50.120 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
BigMat France | Négociants Matériaux de Construction
Description
Bigmat est la 1ère enseigne de négociants indépendants en matériaux de construction. Gros œuvre, carrelage, outillage, menuiserie, isolation.
Language
fr-FR
Canonical
https://www.bigmat.fr/

Open Graph

url
https://www.bigmat.fr/
title
BigMat France | Négociants Matériaux de Construction
locale
fr_FR
site name
BigMat
description
Bigmat est la 1ère enseigne de négociants indépendants en matériaux de construction. Gros œuvre, carrelage, outillage, menuiserie, isolation.

Technology

CDN
Amazon CloudFront
Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • www.facebook.com×2
  • files.webyn.ai×1
  • gmpg.org×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
GANDI
Created
1998-02-16
Expires
2031-06-04 1841 days left
Updated
2026-03-08
Name servers
  • ns-32-c.gandi.net
  • ns-57-a.gandi.net
  • ns-61-b.gandi.net

DNS records live

NS
  • ns-32-c.gandi.net
  • ns-57-a.gandi.net
  • ns-61-b.gandi.net
MX
  • 0 bigmat.in.tmes.trendmicro.eu
TXT
Show 5 TXT records
  • google-site-verification=DyhE5wbB6e1xUmRcZjfUV1HRXxudl_yaiU8nY6KDgjg
  • MS=B3D21E34C30C5A3E87639274A721CCFB104DFFCF
  • google-site-verification=jiYYMIXIorq0Sa8K0N9VagyucBCcEn_jYV98FtQZ8Es
  • MS=ms16669823
  • tmes=e142f96f061a4c70824de828ea08dbf4

Email authentication strong

SPF
v=spf1 mx ip4:195.134.167.2 ip4:143.55.239.115 ip4:188.165.47.240 ip4:94.143.84.252 ip4:31.61.246.210 ip4:37.235.93.0 ip4:95.215.10.172/24 include:spf.matchmaking-studio.com include:spf.mailjet.com include:servers.mcsv.net include:mailrelay.iaxx.eu include:spf.kyxar.fr include:spf.protection.outlook.com ~all
softfail (~all)
DMARC
v=dmarc1; p=quarantine; rua=mailto:postmaster@bigmat.fr
policy: quarantine
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fkWSKhvMAK1WXBSv0ra5ARqAphDVNeQHdMiCdRi0LZ6W+qMUChj1p7itUoWSLQsIKCP+C10HoNNTX…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • mail: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtqE8H6Ed/n1dqa8UnBHSnwrbt6EJ0LRp58a3XP3GRFlsXbC+Hr0MF3aty27CT83+82Ss1GWxHunZM…
selectors probed

Certificate (current)

Amazon RSA 2048 M01
from 2026-02-28 to 2026-09-14
Expires in 117 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.bigmat.fr/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=self, geolocation=self, fullscreen=*, accelerometer=(self "https://challenges.cloudflare.com"), autoplay=(self "https://challenges.cloudflare.com"), encrypted-media=self, gyroscope=(self "https://challenges.cloudflare.com"), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self "https://challenges.cloudflare.com"), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=(self "https://challenges.cloudflare.com")
x-content-type-options
nosniff
content-security-policy
font-src *.bigmat.fr fonts.gstatic.com data: 'self'; form-action *.bigmat.fr 'self'; frame-src *.bigmat.fr *.mollie.com *.calameo.com www.googletagmanager.com challenges.cloudflare.com www.google.com www.hw-recruteur.com www.youtube.com app.lakaa.io *.facebook.com blob: 'self'; img-src *.bigmat.fr *.kyxar.fr maps.gstatic.com fonts.gstatic.com maps.googleapis.com www.google.com www.google.fr pagead2.googlesyndication.com www.facebook.com secure.gravatar.com www.googletagmanager.com axeptio.imgix.net favicons.axept.io data: 'self' 'unsafe-inline'; script-src *.bigmat.fr js.mollie.com maps.googleapis.com challenges.cloudflare.com js-agent.newrelic.com www.gstatic.com www.google.com www.googletagmanager.com *.axept.io googleads.g.doubleclick.net connect.facebook.net files.webyn.ai 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.bigmat.fr fonts.googleapis.com fonts.axept.io 'self' 'unsafe-inline'; manifest-src *.bigmat.fr 'self'; connect-src *.bigmat.fr challenges.cloudflare.com maps.goog
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin

Links to (8)

Linked from (6)