carrier.es
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Usercentrics
Third-party hosts loaded (13)
- www.carrier.be×2
- www.carrier.lu×2
- app.usercentrics.eu×1
- www.carrier.cz×1
- www.carrier.de×1
- www.carrier.dk×1
- www.carrier.fr×1
- www.carrier.hr×1
- www.carrier.nl×1
- www.carrier.pl×1
- www.carrier.sk×1
- www.carrier.uk×1
- www.googletagmanager.com×1
DNS records live
- NS
-
- gabe.ns.cloudflare.com
- tricia.ns.cloudflare.com
- MX
-
- 10 _dc-mx.c44f9643bda1.carrier.es
Email authentication strong
- SPF
- not published
- DMARC
-
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.compolicy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 22 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(self), camera=(self "https://heating-system-registration-b2b.viessmann.com" "https://heating-system-registration-b2b.viessmann-climatesolutions.com"), microphone=(self), autoplay=(self "https://www.youtube.com" "https://www.youtube-nocookie.com" "https://player.vimeo.com"), fullscreen=(self "https://www.youtube.com" "https://www.youtube-nocookie.com" "https://player.vimeo.com")- x-content-type-options
nosniff- content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' data: blob: *;- strict-transport-security
max-age=31557600