almirall.pl
almirall.pl
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress 6.8.5
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
- Ads
-
- Google Ads (DoubleClick)
- Cookie consent
-
- OneTrust
- Fonts
-
- Google Fonts
Third-party hosts loaded (10)
- cdn-ukwest.onetrust.com×4
- fonts.googleapis.com×4
- www.googletagmanager.com×4
- www.google.com×3
- code.jquery.com×2
- fonts.gstatic.com×2
- img06.en25.com×2
- gmpg.org×1
- googleads.g.doubleclick.net×1
- www.gstatic.com×1
Contact
- Phone
DNS records live
- NS
-
- ns1-02.azure-dns.com
- ns2-02.azure-dns.net
- ns3-02.azure-dns.org
- ns4-02.azure-dns.info
- Verified for
-
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 174 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.gstatic.com *.eloqua.com cdn.jsdelivr.net *.googleapis.com region1.google-analytics.com bam.eu01.nr-data.net www.google-analytics.com www.google.es maintenance.almirall.com www.almirall.pl *.doubleclick.net www.google.com *.googleadservices.com *.onetrust.com *.googletagmanager.com; frame-ancestors 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https:- strict-transport-security
max-age=31536000