indexo.dev

aepd.es

.es toplist crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 1037 ms crawled 2026-05-18

SE · 95.100.107.181 · AS20940 Akamai International B.V.

Reputation 100/100

Classifying

HTML metadata

Title
Agencia Española de Protección de Datos | AEPD
Language
es
Canonical
https://www.aepd.es/
Translations
  • en
  • es

Technology

CMS
Drupal

Third-party hosts loaded (1)

  • cdnjs.cloudflare.com×2

Social

Contact

Phone
Address
C/ Jorge Juan, 6. 28001

DNS records live

NS
  • ns1.age.gob.es
  • ns2.age.gob.es
MX
  • 10 mail1.correo.gob.es
  • 10 mail2.correo.gob.es
TXT
Show 6 TXT records
  • mistral-domain-verification=ecdb6a9753b8980fb52f2318277daccc2b559502
  • openai-domain-verification=dv-CwvbooJ5B4uqEqQBYrEMMOqf
  • atlassian-domain-verification=DNg78s9zDTOnoLyGExrn6xF2gFu4I/8gl3PhYnt8gyEaEU/n7ZQVoEHE40kQwat/
  • atlassian-sending-domain-verification=339d906c-e13d-43c7-adea-56698e8a56f5
  • google-site-verification=QGswlo971X0U1qWQ13c_GUpxp4pTsCg8Jlhyt0_NhhU
  • google-site-verification=k6HJySdX5PDHEX6EeYM_LdFotGaHaVFEKhJL-S4-ZIE

Email authentication strong

SPF
v=spf1 ip4:192.148.209.182 ip4:54.229.2.165 ip4:52.30.130.201 include:spf.protection.outlook.com include:_spf.atlassian.net a:spf.correo.gob.es -all
strict (-all)
DMARC
v=DMARC1;p=reject;rua=mailto:042ecf5837@rua.easydmarc.eu,mailto:dmarc@aepd.es;ruf=mailto:042ecf5837@ruf.easydmarc.eu,mailto:dmarc_ruf@aepd.es;fo=1;
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyc71RuQgyXROgOy1PNC4QFzEILjq9xBZiK2DzlhhltXQMYd/mxNk6D35gFiYmRlH/tWAx5Q/n1YVitHoGuH…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwC68pwUUG7Y8jWOUjgqAXCodpVCgsZOsLYK61G5JxSvEl+7y+gXqGiKusbwLahwxhf2nxsFJpBEhj…
  • s2: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuswHPHHcgaDZyhHPpupTkOJwyJhIPU4qpkCivQ+h8Xp42QsHDlbeZ/S+1/8zQnmhLlpIDXp/3qA79etkm34jO…
selectors probed

Certificate (current)

R13
from 2026-05-07 to 2026-08-05
Expires in 77 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.aepd.es/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.googleapis.com *.landbot.io wss://*.firebaseio.com *.youtube.com vimeo.com *.vimeo.com *.go-mpulse.net *.akstat.io *.akamaihd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com https://ds-aksb-a.akamaihd.net *.landbot.io *.firebaseio.com cdn.jsdelivr.net/ *.youtube.com vimeo.com *.vimeo.com *.go-mpulse.net https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js *.youtube-nocookie.com *.unpkg.com:*; style-src 'self' 'unsafe-inline' data: https: http://fonts.googleapis.com; img-src * 'self' data: https:; media-src * 'self' data: https:; frame-src * 'self' data: https:; child-src * 'self' data: https:; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.landbot.io https://cdnjs.cloudflare.com/ajax/libs/font-awesome/; report-uri /report-csp-violation
strict-transport-security
max-age=15768000

Links to (10)

Linked from (50)