indexo.dev

baxter.es

.es crawl

First seen 2026-04-14 · Last seen 2026-05-15 · ok HTTP/1.1 200 4673 ms crawled 2026-05-07

US · 104.18.234.86 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Unidos para salvar y mantener vidas | Baxter
Language
es
Generator
Drupal 10 (https://www.drupal.org)
Canonical
https://baxter.es/es
Translations
  • es

Technology

CDN
Cloudflare
CMS
Drupal
Analytics
  • Google Tag Manager
Third-party hosts loaded (7)
  • www.googletagmanager.com×2
  • c.brightcove.com×1
  • edge.api.brightcove.com×1
  • f1.media.brightcove.com×1
  • players.brightcove.com×1
  • players.brightcove.net×1
  • vjs.zencdn.net×1

Social

DNS records live

NS
  • neil.ns.cloudflare.com
  • reza.ns.cloudflare.com
MX
  • 10 mail-na1.baxter.com
  • 20 mail-na2.baxter.com

Email authentication strong

SPF
v=spf1 -all
strict (-all)
DMARC
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:baxter-international@rua.agari.com; ruf=mailto:baxter-international@ruf.agari.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-03-10 to 2026-06-08
Expires in 20 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://baxter.es/es

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
microphone=(), camera=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.unpkg.com cdn.jsdelivr.net *.cloudfront.net *.brightcove.com *.lrcontent.com *.bootstrapcdn.com hello.myfonts.net *.brightcove.net vjs.zencdn.net *.google-analytics.com *.googletagmanager.com *.jquery.com *.cloudflare.com *.matomo.cloud *.cookielaw.org *.sketchfab.com *.baxterdigital.net *.gstatic.com *.gstatics.com *.onetrust.com *.ceros.com *.hillrom.com *.microsoft.com login.doccheck.com surveys.baxter.com hrcm.indg.net snap.licdn.com *.crazyegg.com pagead2.googlesyndication.com *.g.doubleclick.net wisepops.net *.wisepops.net *.wisepops.com *.adsrvr.org js.zi-scripts.com connect.facebook.com connect.facebook.net *.zscloud.net *.clickagy.com www.youtube.com blob: *.windows.net *.trackify.info *.qualtrics.com *.pages06.net *.coremetrics.com *.pardot.com *.cloudflare.com *.firebasedatabase.app; connect-src 'self' 'unsafe-inline' cdn.jsdelivr.net *.googleapis.com *.lrcontent.com *.cloudfront.net api.loginradius.com *.
strict-transport-security
max-age=31536000

Links to (7)

Linked from (4)