thermes-berot.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-14 · ok HTTP/1.1 200 5059 ms crawled 2026-05-14

FR · 46.105.57.169 · AS16276 OVH SAS

Reputation 92/100 no dmarc policy

sector health type homepage

HTML metadata

Title: Cure thermale Dax - Thermes Bérot - L'innovation en thermalisme
Description: Pour votre Cure Thermale à Dax, les Thermes Bérot vous accueillent. Entreprise familiale connue pour son innovation au service du thermalisme
Language: fr-FR
Canonical: https://www.thermes-berot.com/

Open Graph

url: https://www.thermes-berot.com/
title: Cure thermale Dax - Thermes Bérot - L'innovation en thermalisme
locale: fr_FR
site name: Thermes Bérot
description: Pour votre Cure Thermale à Dax, les Thermes Bérot vous accueillent. Entreprise familiale connue pour son innovation au service du thermalisme

Technology

Server: OVHcloud
CMS: WordPress

Social widgets

Vimeo Embed
YouTube Embed

Third-party hosts loaded (5)

player.vimeo.com×2
cdn.trustindex.io×1
gmpg.org×1
www.google.com×1
www.youtube.com×1

Social

Contact

Phone

0558904000

Address

16 rue Louis Barthou, Dax, 40100, FR

Registration

Registrar

OVH sas

Created

2014-12-01

Expires

2026-12-01 195 days left

Updated

2025-12-02

Name servers

dns200.anycast.me
ns200.anycast.me

DNS records live

NS

dns200.anycast.me
ns200.anycast.me

MX

1 mx4.mail.ovh.net
10 mx3.mail.ovh.net

TXT

716596626eea0ae995b413dec0c92862
1|www.thermes-berot.com

Email authentication weak

SPF: v=spf1 include:mx.ovh.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

from 2026-05-03 to 2026-08-01

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.thermes-berot.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=self
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.gouv.fr *.tawk.to *.trustindex.io *.bing.com *.clarity.ms *.privacy-center.org *.cloudflare.com *.google-analytics.com *.google.com *.youtube.com *.youtu.be wss://*.tawk.to; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.gouv.fr *.privacy-center.org *.tawk.to *.cloudflare.com *.google-analytics.com *.facebook.net *.clarity.ms *.bing.com *.dexem.net *.googletagmanager.com *.google.com *.gstatic.com wss://*.tawk.to https://cjshare.com *.cjshare.com *.cleverjump.org *.jsdelivr.net https://sharebutton.net *.sharebutton.net unpkg.com *.youtube.com stats.g.doubleclick.net *.vimeo.com *.trustindex.io; style-src 'self' 'unsafe-inline' *.trustindex.io *.gouv.fr *.googleapis.com *.brevo.com *.jsdelivr.net *.cloudflare.com; img-src data: *; font-src data: *; frame-src 'self' blob: *.youtube.com *.google.com *.gouv.fr; object-src 'none'
strict-transport-security: max-age=31536000

Links to (6)

Linked from (2)

lescuristes.fr×2
aquacert-certification.com×1