castelodesobroso.com
castelodesobroso.com
HTML metadata
Technology
- Server
- Apache
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (6)
- fonts.googleapis.com×2
- cdnjs.cloudflare.com×1
- fonts.gstatic.com×1
- kit.fontawesome.com×1
- www.castelodesoutomaior.com×1
- www.googletagmanager.com×1
Contact
- Phone
Registration
- Registrar
- IONOS SE
- Created
- 2022-03-07
- Expires
- 2027-03-07 290 days left
- Updated
- 2026-03-08
- Name servers
-
- ns1.depo.es
- ns2.depo.es
DNS records live
- NS
-
- ns1.depo.es
- ns2.depo.es
- Verified for
-
- GlobalSign
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
GlobalSign RSA OV SSL CA 2018
Expires in 48 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- weak frame protection
- weak content type protection
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN, SAMEORIGIN- permissions-policy
accelerometer=*, autoplay=*, camera=*, clipboard-read=*, clipboard-write=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, usb=*, xr-spatial-tracking=*- x-content-type-options
nosniff, nosniff- content-security-policy
default-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; connect-src https:; font-src https: data:; frame-src https:; media-src https:- strict-transport-security
max-age=31536000; includeSubdomains; preload- cross-origin-opener-policy
unsafe-none- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
cross-origin