e-extraval.com
HTML metadata
Technology
Third-party hosts loaded (1)
- kit.fontawesome.com×1
Social
Registration
- Registrar
- Arsys Internet, S.L. dba NICLINE.COM
- Created
- 2017-05-11
- Updated
- 2025-05-12
- Name servers
-
- dns35.servidoresdns.net
- dns36.servidoresdns.net
DNS records live
- NS
-
- dns35.servidoresdns.net
- dns36.servidoresdns.net
- MX
-
- 10 mx.serviciodecorreo.es
- TXT
-
l6wch350lg80n9q412x3sgn1kp6d4gl7
Email authentication weak
- SPF
-
v=spf1 include:_spf.serviciodecorreo.es ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA EV R36
Expires in 158 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN, SAMEORIGIN- permissions-policy
camera=(), microphone=(), geolocation=(), fullscreen=*- x-content-type-options
nosniff- content-security-policy
default-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' sgrs:; style-src 'self' https: 'unsafe-inline'; font-src 'self' https: data:; img-src 'self' data: https: https://*.openstreetmap.org/ https://*.agenciatributaria.gob.es/; connect-src 'self' https: wss:; frame-src 'self' afirma: sgrs: https://*.google.com/ https://*.google.es/ https://*.youtube.com/ https://*.signaturit.com/ https://*.pinterest.com/ https://*.weborama.fr/; frame-ancestors 'self' https:; form-action 'self' https:; base-uri 'self'; object-src 'self'- strict-transport-security
max-age=63072000; includeSubDomains; preload;
Links to (6)
- bde.es×2
- cersa-sme.es×2
- cesgar.es×2
- facebook.com×2
- sgrsoft.es×2
- twitter.com×2