carglass.es

HTML metadata

Technology

CDN

Amazon CloudFront

Server

Apache

CMS

Drupal

Social

• instagram
• twitter
• youtube
• facebook
• linkedin

Contact

Phone

• 900202005

Address

Facundo Bacardi i Massó 7 - 11, 08100, Mollet del Vallés Cataluña, Cataluña

DNS records live

NS

• dns1.cscdns.net
• dns2.cscdns.net

MX

Show 6 MX records

• 0 carglass-es.mail.protection.outlook.com
• 1 aspmx.l.google.com
• 10 aspmx2.googlemail.com
• 10 aspmx3.googlemail.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

TXT

Show 7 TXT records

• MS=E8FCC1C01180DD5A282F7ED701033F49162D8DBF
• facebook-domain-verification=884rofp2cq6w02ltqqyddcl4gynlhg
• teamviewer-sso-verification=d5c67898f830419d9b21996801cb9655
• google-site-verification=2lfkKxHkjOmga8QCJgTOiI5UF98JBQTths90FiVIs4Q
• google-site-verification=jqRwoRFHlDM7hQEBX6I6OhfDPr6NDxEqW5v1BLnl1QQ
• MS=ms80632959
• nc0h2n2quiplttefh49uf950ul

Email authentication strong

SPF

v=spf1 ip4:213.229.153.128/27 ip4:213.172.52.128/28 ip4:52.213.237.101 ip4:52.17.215.107 ip4:217.130.52.113 ip4:168.245.30.64 ip4:23.21.109.197/27 ip4:147.160.167.0/26 ip4:159.183.165.91 ip4:204.194.222.0/23 ip4:216.185.208.0/22 include:_spf.google.com include:amazonses.com include:spf.vanboxtel.hosting include:139508098.spf04.hubspotemail.net include:spf.protection.outlook.com include:service-now.com -all

strict (-all)

DMARC

v=DMARC1;p=reject;pct=100;aspf=r;adkim=r;rua=mailto:dmarc@carglass.es;

policy: reject (enforced)

DKIM

Show 5 DKIM selectors

• google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCL4irhxiSo98pn4nAHd3eenMXuZfvZH1Wf+nZS89M+EAkLzv/R07O+7RfHgzpPI40mqovjdWWNPkftWWBNJJ…
• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusCZP08aLxHax2v3UVaq9fQSxZttDvOu3XAsrBEBHPOUNJ0W2ifxJIxt3XjhgCuzETHWBzkHJl2nm+…
• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOBnIUoHsFNVstvGjoPryY7T8GURqLx5XZp/WC6xMlknk18mkl7hNEv0OSDWShYRWIFoRQ6q+kz2PKGbVq…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXOj9M+yiyA+4kmylN+srA5d1cB5YkpY0vG7/7BXR0fUQ5w26GXJyaEGCG4g6u8BWhoLuKcpIujzMSkR90a8ab/X…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.carglass.es/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources

Links to (5)

• instagram.com×3
• twitter.com×3
• youtube.com×3
• facebook.com×3
• linkedin.com×3

Linked from (2)

• fpmaragall.org×4
• r4sgroup.com×2