alpecreativa.es
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- www.googletagmanager.com×2
- www.google.com×1
Social
Contact
DNS records live
- NS
-
- ns3.dnsnetkia.es
- ns4.dnsnetkia.es
- MX
-
- 0 alpecreativa-es.mail.protection.outlook.com
- TXT
-
openai-domain-verification=dv-reJ6EM8iRI4ZLjisgeONBAn9sophos-domain-verification=b68cf66505ca3fdbac16eb7f23c03ee469b8550616c743bba39b944da3563913
Email authentication partial
- SPF
-
v=spf1 a mx include:_spf.prod.hydra.sophos.com include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1;p=none;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXFwd6FBmIQU/5pQMQolRZdg3aodSRVUJYTqW0TNiU3l9Vs7SFvF+8b7CY66vdn/MydnMFc7SgfF+jCxKhzi… - selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFkSbedXZdjRMovwDWE3aRfi+WmXzJo376xJhewz+/JItM3TIRVRuY+kEmoCNxn4rmwuYKD0yvWJ0QUp65Q4…
selectors probed - selector1:
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 124 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN, SAMEORIGIN- permissions-policy
accelerometer=*, ambient-light-sensor=(), autoplay=*, battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=*, execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self';, default-src 'self' https://cdn.lordicon.com/ *.google-analytics.com https://yoast.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://alpecreativa.es/ https://trackcmp.net https://diffuser-cdn.app-us1.com https://prism.app-us1.com/ https://www.youtube.com/ https://www.youtube.com/iframe_api https://www.googletagmanager.com/ https://ajax.googleapis.com/ https://cdn.lordicon.com/ *.google-analytics.com https://cdn.ampproject.org/ *.google.com *.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ *.gstatic.com https://cdn.ampproject.org/ https://maxcdn.bootstrapcdn.com/ *.google-analytics.com *.google.com; connect-src 'self' data: https://yoast.com/ https://cdn.ampproject.org/ *.google-analytics.com *.google.com *.yoast.com *.gstatic.com; frame-src 'self' data: blob: https://alpecreativa.es/ https://www.youtube.com https://www.youtube-nocookie.com *.google.com *.gstatic.com *.yoast.com *.muffingroup.com https://www.go- strict-transport-security
max-age=31536000; includeSubDomains; preload
Links to (9)
- facebook.com×3
- instagram.com×3
- linkedin.com×3
- pinterest.com×3
- pitma.es×3
- wa.me×3
- wordpress.org×3
- x.com×3
- youtube.com×3
Linked from (20)
- escuelaskicerler.com×4
- escuelaskibaqueira.com×4
- inmoverse.es×4
- asrglobalservices.es×4
- kaicapital.es×4
- pitma.es×3
- escuelaskisierranevada.com×3
- ralset.com×3
- nostelgestion.es×2
- stoy.es×2
- smartpro.es×2
- nostel.es×2
- enertec.es×2
- vialine.es×2
- pitmageneracion.com×2
- eneryt.es×2
- conexioncantabria.com×2
- besayaexpress.es×2
- kassersynths.com×1
- escueladesurfbuenaonda.com×1