indexo.dev

terreal.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-18 · ok HTTP/1.1 200 2191 ms crawled 2026-05-15

FR · 57.128.74.208 · AS16276 OVH SAS

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Terreal | Building materials and photovoltaic solutions
Language
en
Generator
Drupal 9 (https://www.drupal.org)
Canonical
http://terreal.com/en
Translations
  • en

Technology

Server
Apache
CMS
Drupal

Third-party hosts loaded (2)

  • cdn.jsdelivr.net×3
  • unpkg.com×2

Social

Contact

Phone
Address
Rue Pagès,92150

Registration

Registrar
COREhub, S.R.L.
Created
2000-07-07
Expires
2027-07-07 412 days left
Updated
2025-08-26
Name servers
  • ns1.lemarit.de
  • ns1.lemarit.net
  • ns2.lemarit.de
  • ns2.lemarit.net
  • ns3.lemarit.de

DNS records live

NS
  • ns1.lemarit.de
  • ns1.lemarit.net
  • ns2.lemarit.de
  • ns2.lemarit.net
  • ns3.lemarit.de
MX
  • 10 mx01.cloud.vadesecure.com
  • 10 mx02.cloud.vadesecure.com
  • 10 mx03.cloud.vadesecure.com
  • 10 mx04.cloud.vadesecure.com
TXT
Show 4 TXT records
  • MS=B73D6D3221C5425D5EA204F6E203DBD602B0E579
  • knowbe4-site-verification=029de45810de147453cd872ff48f300f
  • ciscocidomainverification=7ea099f47995d0321d1373227bfce3531d91f51eda3239ca8633a28ead7d1ca9
  • VFnDlpqo02Z96XpiOCCobNTuKKclMld955lvVOYFC0XAy0vn9p1JMg9bGu4Z4MdSFD8pQIJR0hCP0O65ytOazw==
Verified for
  • Atlassian
  • GlobalSign
  • Google

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:spf.cloud.vadesecure.com ip4:212.129.16.247 ip4:57.128.74.208 ip4:5.39.71.20 ip4:163.172.66.229 -all
strict (-all)
DMARC
not published
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLtRt9N56FQ9FClyKxKxhXgTcu6OBC657e7HwBFU854dLEn+VdG16AvhlHYw21ccASXyHF8emG0ytYzAqRvi…
selectors probed

Certificate (current)

GlobalSign RSA OV SSL CA 2018
from 2025-06-30 to 2026-08-01
Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://terreal.com/en

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' www.googletagmanager.com www.google-analytics.com static.hotjar.com script.hotjar.com maps.google.com maps.googleapis.com *.tile.openstreetmap.fr api-adresse.data.gouv.fr quantcast.mgr.consensu.org secure.quantserve.com rules.quantcount.com cmp.quantcast.com unpkg.com *.axept.io cdn.jsdelivr.net *.sharethis.com www.google.com www.gstatic.com api.mapbox.com terreal.piwik.pro ; child-src 'self' vars.hotjar.com www.youtube-nocookie.com www.youtube.com montoitterreal.terreal.com www.google.com; connect-src 'self' *.doubleclick.net in.hotjar.com api-adresse.data.gouv.fr quantcast.mgr.consensu.org *.quantcast.mgr.consensu.org client.axe
strict-transport-security
max-age=15768000

Links to (10)

Linked from (4)