carcabuey.es
carcabuey.es
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- nginx
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (3)
- cdn-cookieyes.com×1
- fonts.gstatic.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
- Address
- Plaza de España 1. C.P.: 14810
DNS records live
- NS
-
- ns-1284.awsdns-32.org
- ns-1797.awsdns-32.co.uk
- ns-264.awsdns-33.com
- ns-802.awsdns-36.net
- MX
-
- 1 aspmx.l.google.com
- 10 aspmx2.googlemail.com
- 10 aspmx3.googlemail.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
google-site-verification=WxAHB1WWQLRqKHEE8fCohZKN_90_zPAY3zWN-RNqaugfvhb5gt98ty875cnrl0bcz50khgp6097
Email authentication strong
- SPF
-
v=spf1 ip4:195.57.20.245 include:_spf.google.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; pct=100; adkim=r; aspf=rpolicy: reject (enforced) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YpGcP+8ogu62O8qZm2WDahWQ5rbRh4+dJGIi3/LZGlNb8ShWF/TVMNkoStOSLM8vUL7FmGicM3Jbz…
selectors probed - google:
Certificate (current)
Amazon RSA 2048 M04
Expires in 205 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
frame-ancestors https://carcabuey.es capacitor://localhost http://localhost https://staging-appmovil.eprinsa.es https://preproduction-appmovil.eprinsa.es https://appmovil.eprinsa.es; default-src 'self'; script-src-elem 'self' https://wec.eprinsa.es https://wc.eprinsa.es https://cdn-cookieyes.com 'unsafe-inline' 'unsafe-eval' data: https://accounts.google.com https://cdn.jsdelivr.net https://apis.google.com https://calendar.google.com https://cdn.jsdelivr.net https://apis.google.com https://calendar.google.com moz-extension://* https://maps.googleapis.com https://googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://connect.facebook.net https://www.google.com https://www.tiempo.com https://www.eltiempo.es https://www.tutiempo.net https://www.gstatic.com; script-src 'self' https://cdn-cookieyes.com 'unsafe-inline' 'unsafe-eval' https://calendar.google.com https://apis.google.com https://cdn.jsdelivr.net https://www.googletagmanager.com https://www.elti- strict-transport-security
max-age=31536000; includeSubDomains; preload