afiseniors.es
afiseniors.es
HTML metadata
Technology
- Fonts
-
- Google Fonts
Third-party hosts loaded (7)
- maxcdn.bootstrapcdn.com×2
- unpkg.com×2
- ajax.googleapis.com×1
- cdn.jsdelivr.net×1
- cdnjs.cloudflare.com×1
- fonts.googleapis.com×1
- fonts.gstatic.com×1
Contact
- Phone
DNS records live
- NS
-
- ns61.domaincontrol.com
- ns62.domaincontrol.com
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Go Daddy Secure Certificate Authority - G2
Expires in 53 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; img-src * 'self' data: https: afistorage.blob.core.windows.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' developers.google.com www.google-analytics.com www.googletagmanager.com ajax.googleapis.com cdnjs.cloudflare.com maxcdn.bootstrapcdn.com www.google.com unpkg.com www.gstatic.com; object-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com cdn.jsdelivr.net; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net maxcdn.bootstrapcdn.com; font-src 'self' https: data:; connect-src *- strict-transport-security
max-age=157680000; includeSubDomains
Links to (3)
- afi.es×5
- google.com×3
- windows.net×3
Linked from (1)
- afi.es×4