entornopremercado.es
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
Third-party hosts loaded (2)
- cdn.cookielaw.org×1
- www.googletagmanager.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- a1-232.akam.net
- a18-67.akam.net
- a20-65.akam.net
- a24-67.akam.net
- a5-66.akam.net
- ns1.six-group.com
- ns2.six-group.com
- TXT
-
swisssign-check=6zwP2KPO30bLUIFBUo5TgAxPCpA
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
SwissSign RSA TLS OV ICA 2022 - 1
Expires in 238 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
Header values
- x-frame-options
DENY- permissions-policy
accelerometer=(),autoplay=(self "https://*.youtube.com" "https://*.youtube-nocookie.com" "https://*.vimeo.com" "https://*.vimeocdn.com"),picture-in-picture=(self "https://*.youtube.com" "https://*.youtube-nocookie.com" "https://*.vimeo.com" "https://*.vimeocdn.com"),camera=(),document-domain=(),encrypted-media=(),fullscreen=(self "https://*.youtube.com" "https://*.youtube-nocookie.com" "https://*.vimeo.com" "https://*.vimeocdn.com"),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(self),usb=(),compute-pressure=(*)- x-content-type-options
nosniff- content-security-policy
default-src 'self' www.bolsasymercados.es 'unsafe-inline' 'unsafe-eval' data: *.typekit.net *.google-analytics.com www.googletagmanager.com *.analytics.google.com tagmanager.google.com *.gstatic.com *.googleapis.com cdn.cookielaw.org *.onetrust.com www.google.com *.cloudflare.com i1.ytimg.com *.youtube.com *.youtube-nocookie.com *.vimeo.com *.vimeocdn.com;base-uri 'self';form-action 'self';frame-ancestors 'self';- strict-transport-security
max-age=31536000