thermor.fr
HTML metadata
Technology
- CDN
- Fastly
Third-party hosts loaded (1)
- db6yd0dln5.kameleoon.io×1
Registration
- Registrar
- GANDI
- Created
- 2007-02-01
- Expires
- 2026-10-30 163 days left
- Updated
- 2025-10-04
- Name servers
-
- ns-138-a.gandi.net
- ns-190-b.gandi.net
- ns-190-c.gandi.net
DNS records live
- NS
-
- ns-138-a.gandi.net
- ns-190-b.gandi.net
- ns-190-c.gandi.net
- MX
-
- 10 mxa-004f0402.gslb.pphosted.com
- 10 mxb-004f0402.gslb.pphosted.com
- TXT
-
dtm-domain-verification=Ugg4ReMHTdLDwjqSuzKxeF0-UzUjQ5VDn6YZSoTSJ5E
Email authentication strong
- SPF
-
v=spf1 ip4:31.222.195.47 ip4:83.166.144.124 include:spf-004f0402.pphosted.com include:spf-004f0404.pphosted.com include:spf.mailjet.com include:mailgun.org include:mail.zendesk.com include:cust-spf.exacttarget.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:ieyn5tmr@ag.eu.dmarcadvisor.com; ruf=mailto:ieyn5tmr@fr.eu.dmarcadvisor.com; fo=1:s:d;policy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7J5Y9Nv7xJdZh9Emwq/hs1eXyfqRdTVmlWAPs1hrmH0FlexthmQSFl/RCglbyiFBfKJw4HgVmgjxKylCBf5… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bLcNbpTdzNPhILY3Ct4qSXZ19WNhgZ2AJ0Nb1ypEm9glA7+9P/Oy5sHcgJgdUQY4HVLtQANCndJCu… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2zHo6JILraj4JfnTCnVP4xSLUoi7RMsaI36O26pe1lgvBgl+EOKdod3TdfQ9P49DKM/BsWpqcqhZ28dImMkoYW4rzL2A…
selectors probed - selector1:
Certificate (current)
GandiCert
Expires in 150 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
microphone=(), camera=(), geolocation=(self), payment=(), fullscreen=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self' form-np.groupe-atlantic.fr https:; script-src 'self' t.contentsquare.net 'unsafe-inline' form.io 'unsafe-eval' https: blob:; style-src 'self' 'unsafe-inline' https:; connect-src 'self' https:; img-src 'self' data: https:; base-uri 'self'; form-action 'self' https://secure.payzen.eu;- strict-transport-security
max-age=31536000; includeSubDomains