indexo.dev

chsegura.es

.es crawl

First seen 2026-04-13 · Last seen 2026-05-13 · ok HTTP/1.1 200 1761 ms crawled 2026-05-07

ES · 192.148.214.20 · AS200521 Ministerio de Transformacion Digital y de la Funcion Publica

Reputation 92/100 no dmarc policy

sector government type homepage

HTML metadata

Title
Confederación Hidrográfica del Segura
Language
es

Open Graph

url
https://www.chsegura.es/es/index.html
title
Confederación Hidrográfica del Segura
site name
Confederación Hidrográfica del Segura
description
Confederación Hidrográfica del Segura

Technology

Server
Apache
Ads
  • Meta Pixel

Third-party hosts loaded (5)

  • cdn.datatables.net×11
  • cdnjs.cloudflare.com×9
  • connect.facebook.net×1
  • heltschl.org×1
  • maxcdn.bootstrapcdn.com×1

Social

DNS records live

NS
  • ns1.age.gob.es
  • ns2.age.gob.es
MX
  • 10 mail1.correo.gob.es
  • 10 mail2.correo.gob.es
TXT
  • 917531352

Email authentication partial

SPF
v=spf1 a:spf.correo.gob.es -all
strict (-all)
DMARC
not published
DKIM
  • s2: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuswHPHHcgaDZyhHPpupTkOJwyJhIPU4qpkCivQ+h8Xp42QsHDlbeZ/S+1/8zQnmhLlpIDXp/3qA79etkm34jO…
selectors probed

Certificate (current)

FNMT-RCM
from 2025-10-04 to 2026-10-04
Expires in 136 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://chsegura.es/es/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • weak frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN, SAMEORIGIN
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src http: https: data: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=63072000; includeSubdomains;
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Links to (10)

Linked from (4)