indexo.dev

bonarea-online.com

.com crawl

First seen 2026-04-23 · Last seen 2026-05-17 · ok HTTP/1.1 200 10761 ms crawled 2026-05-17

DE · 3.123.216.247 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

sector ecommerce type homepage

HTML metadata

Title
Comprar bonÀrea compra online | Directe del Camp
Language
ca

Technology

Analytics
  • Google Tag Manager
Cookie consent
  • OneTrust
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • images.bonarea.com×3
  • fonts.googleapis.com×2
  • www.googletagmanager.com×2
  • cdn.cookielaw.org×1
  • cdnjs.cloudflare.com×1

Social

Contact

Phone

Registration

Registrar
SW Hosting & Communications Technologies SL dba Serveisweb
Created
2018-08-17
Expires
2026-08-17 89 days left
Updated
2025-08-13
Name servers
  • ns1.cag.es
  • ns2.cag.es

DNS records live

NS
  • ns1.cag.es
  • ns2.cag.es
MX
  • 0 bonareaonline-com01i.mail.protection.outlook.com
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.mailjet.com include:spf.protection.outlook.com ip4:195.77.119.0/28 -all
strict (-all)
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:dmarc_agg@vali.email;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOUihJ99VzPocygavVW/UuPGlRGG10Hsu+FkTKzqumA9bHWVtSoikGSjIe7MPsXQLTP3gOqYhRFNGfAUKEo8…
selectors probed

Certificate (current)

Don Dominio RSA DV SSL CA 2
from 2025-06-16 to 2026-07-18
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.bonarea-online.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • weak content type protection
Header values
referrer-policy
strict-origin
x-frame-options
SAMEORIGIN, DENY, SAMEORIGIN
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'none'; connect-src 'self' https://*.bonarea-agrupa.com https://*.onetrust.com https://*.doubleclick.net https://*.windows.net https://*.google.com https://*.google-analytics.com https://*.cookielaw.org https://analytics.tiktok.com https://*.tiktokw.us https://*.stape.net https://*.clarity.ms https://*.googleapis.com; font-src *; form-action 'self' https://*.redsys.es https://*.facebook.com; frame-src 'self' https://*.facebook.com https://*.youtube.com https://td.doubleclick.net *.google.com; img-src * data: https://*.googleapis.com https://*.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.bonarea-agrupa.com https://*.cookielaw.org https://*.cloudflare.com https://*.facebook.net https://*.doubleclick.net *.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com maps.googleapis.com maps.google.com https://analytics.tiktok.com https://*.stape.net https://*.tiktokw.us https://*.clarity.ms *.google.com; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Links to (9)

Linked from (5)