grunenthal.es

.es crawl

First seen 2026-04-17 · Last seen 2026-05-18 · ok HTTP/1.1 200 2671 ms crawled 2026-05-12

NL · 20.50.2.24 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Inicio | Grünenthal España
Description: Nuestra misión es mejorar la vida de los pacientes. Somos una empresa dinámica y exigente, con una cartera de productos impulsada por la innovación, que se basa en nuestros conocimientos sobre el dolor.
Language: es
Canonical: https://www.grunenthal.es

Open Graph

url: https://www.grunenthal.es
title: Inicio | Grünenthal España
description: Nuestra misión es mejorar la vida de los pacientes. Somos una empresa dinámica y exigente, con una cartera de productos impulsada por la innovación, que se basa en nuestros conocimientos sobre el dolor.

Technology

CDN: Azure Front Door
CMS: Next.js

Analytics

Matomo

Social widgets

Vimeo Embed

Third-party hosts loaded (5)

cdn.consentmanager.net×1
cdn.matomo.cloud×1
edge-platform.sitecorecloud.io×1
edge.sitecorecloud.io×1
player.vimeo.com×1

Social

Contact

Email

informacion@grunenthal.com

Phone

91 301 93 00

DNS records live

NS

ns1.markmonitor.com
ns2.markmonitor.com
ns3.markmonitor.com
ns4.markmonitor.com
ns5.markmonitor.com
ns6.markmonitor.com
ns7.markmonitor.com

MX

10 mail.grunenthal.es
10 mail2.grunenthal.es
20 mail2.grunenthal.es
30 mail2.grunenthal.es

TXT

Show 7 TXT records

rhbxbmymqmb7w23flhssndp5py4fthcd
google-site-verification=AiISZn5s3U4ZWywm6pG-Ls0V4L-RieEJ-gVeFXJx6XA
_tnx1c4iv43jezw2zcj0n30lep8e3bk9
_6p5yykvecv1dowv2t7dntdud0x8hn9z
MS=ms34727756
6zs7hbrkhq8hnrjh1gskvn8kj5xt2qkx
h4d3z4m217rg3mxpx94w12bwqwvmfhhj

Email authentication weak

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-02-22 to 2026-08-23

Expires in 96 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.grunenthal.es/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' blob: 'unsafe-eval' 'unsafe-inline' https://*.consentmanager.net https://*.matomo.cloud ; connect-src 'self' https://*.matomo.cloud https://*.sitecorecloud.io https://*.consentmanager.net https://*.microsoft.com ; style-src 'self' 'unsafe-inline' https://*.sitecorecloud.io https://*.matomo.cloud ; img-src 'self' blob: data: https://*.consentmanager.net https://*.sitecorecloud.io https://*.vimeocdn.com https://*.matomo.cloud https://*.grunenthal.com https://*.wma.comb.es ; media-src 'self' https://*.sitecorecloud.io; frame-src 'self' https://*.vimeo.com https://*.consentmanager.net https://*.spotify.com https://*.microsoft.com ; font-src 'self' blob: data: https://*.matomo.cloud https://*.microsoft.com ; object-src 'none'; base-uri 'self' https://*.matomo.cloud; form-action 'self'; frame-ancestors 'self' ; upgrade-insecure-requests;
strict-transport-security: max-age=63072000; includeSubDomains; preload