indexo.dev

blackanddecker.es

.es crawl

First seen 2026-04-18 · Last seen 2026-05-12 · ok HTTP/1.1 200 2665 ms crawled 2026-05-12

DE · 23.67.140.104 · AS16625 Akamai Technologies, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Herramientas Eléctricas | Herramientas de Jardin | Pequeños Electrodomésticos | BLACK+DECKER
Description
Official website of BLACK+DECKER®. Make completing projects easier than ever with our range of innovative power tools, garden tools, home products and more.
Language
es
Generator
Drupal 10 (https://www.drupal.org)
Canonical
https://www.blackanddecker.es/
Translations
  • es

Open Graph

image:url
https://bynder.sbdinc.com/m/cac9b4d5c441e81d/Drupal_Large-BD_category-fallback-center_GEB1.jpg

Technology

CDN
Akamai
CMS
Drupal
Analytics
  • Google Tag Manager
Third-party hosts loaded (10)
  • bynder.sbdinc.com×15
  • acquia.io×1
  • api.bazaarvoice.com×1
  • builder.lift.acquia.com×1
  • cdn.jsdelivr.net×1
  • cdn.pricespider.com×1
  • network-a.bazaarvoice.com×1
  • us.perz-api.cloudservices.acquia.io×1
  • widgets.reevoo.com×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • a1-218.akam.net
  • a18-67.akam.net
  • a5-64.akam.net
  • a6-65.akam.net
  • a8-66.akam.net
  • a9-67.akam.net
MX
  • 10 mxa-00254701.gslb.pphosted.com
  • 10 mxb-00254701.gslb.pphosted.com
TXT
  • qn7c9445rf7mbcnlr7qt0zrdfjygzl9b
  • 21dx045v668lsmph4ywtcb7xhwzbtb90
  • facebook-domain-verification=5238ir9iv3g7qrpzcmb2ljysf821b6

Email authentication strong

SPF
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;
policy: quarantine
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G3 TLS ECC SHA384 2020 CA1
from 2025-10-13 to 2026-10-14
Expires in 147 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.blackanddecker.es/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' data: blob: wss://*.pricespider.com http://*.pricespider.com https://*.zdassets.com; script-src https: 'unsafe-eval' 'unsafe-inline' data: blob: wss://*.pricespider.com http://*.pricespider.com; connect-src https: 'unsafe-eval' 'unsafe-inline' data: blob: wss://*.pricespider.com http://*.pricespider.com wss://*.zopim.com https://*.zdassets.com; upgrade-insecure-requests; report-uri /csp.cgi;
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Links to (6)

Linked from (1)