mestre.fr

.fr crawl

First seen 2026-05-08 · Last seen 2026-05-15 · ok HTTP/1.1 200 1277 ms crawled 2026-05-15

US · 13.225.238.76 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector home type homepage

HTML metadata

Title: Mestre - Spécialiste sanitaire, carrelage, chauffage & clim
Language: fr
Canonical: https://www.mestre.fr/

Technology

CDN: Amazon CloudFront
Server: nginx

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (6)

media.cms.societes.espace-aubade.fr×15
d1jgn95afr9kem.cloudfront.net×3
fonts.gstatic.com×1
www.google.com×1
www.googletagmanager.com×1
www.gstatic.com×1

Social

Contact

Address: 697 Avenue Charlie Chaplin, 69800, Saint-Priest, FR-ARA, FR

Registration

Registrar

ORANGE

Created

2000-03-05

Expires

2027-01-09 234 days left

Updated

2026-02-28

Name servers

ns01.eolas.fr
ns02.eolas.fr
ns03.eolas-dns.eu

DNS records live

NS

ns01.eolas.fr
ns02.eolas.fr
ns03.eolas-dns.eu

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

knowbe4-site-verification=ad218a3926c29167769a1dfd550c1a68
google-gws-recovery-domain-verification=43568915
google-site-verification=ekwNiklBcciheb3LR4V43RjzX9xDoFl6PE8ccnehsQ0

Email authentication strong

SPF

v=spf1 include:spf.mailjet.com a include:_spf.google.com ip4:212.234.232.243 ip4:212.234.232.9 ip4:194.2.199.34 ip4:178.174.99.51 ip4:178.174.99.52 ip4:90.82.249.225 ip4:178.174.99.35 ip4:178.174.99.36 ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:dkim@pompac-dev.fr

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCd3wrYpDS4WSeVUNn5f1j0P2gXLy7aP6CFzpZtS/R1gcc/QkFbU10lqGxfRNzq4BmB8EkgJZF0eJo…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Amazon RSA 2048 M04

from 2025-11-07 to 2026-12-06

Expires in 200 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.mestre.fr/

present

content-security-policy
x-frame-options
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: sameorigin
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://connect.facebook.net https://unpkg.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://tagmanager.google.com; img-src 'self' data: https://maps.gstatic.com https://maps.googleapis.com https://www.gstatic.com https://*.execute-api.eu-west-3.amazonaws.com https://dzbab7qlkubhz.cloudfront.net https://d1jgn95afr9kem.cloudfront.net https://www.google-analytics.com https://ssl.gstatic.com http://*.espace-aubade.fr https://*.espace-aubade.fr https://www.googletagmanager.com https://www.google.fr https://*.reflet.dev https://www.facebook.com; media-src 'self'; frame-src https://www.google.com https://www.googletagmanager.com https://*.espace-aubade.fr; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; conne

Links to (12)

Linked from (1)

lei-reseaux.fr×1