hiscox.es
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Drupal
- Analytics
-
- Cloudflare Insights
- Google Tag Manager
Third-party hosts loaded (4)
- cdnjs.cloudflare.com×4
- cdn.jsdelivr.net×1
- static.cloudflareinsights.com×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns1-02.azure-dns.com
- ns2-02.azure-dns.net
- ns3-02.azure-dns.org
- ns4-02.azure-dns.info
- MX
-
- 10 eu-smtp-inbound-1.mimecast.com
- 10 eu-smtp-inbound-2.mimecast.com
- TXT
-
Show 9 TXT records
EssJH/E6bmU9Am37g/gz+ZMJeTTSizJWXVYqhZFG5Hs=lt19jpfdkmywlm1cs4h06hmrxygwg6rb9n5mfr2614bjstwkq8gyrhyq02pb075711aRWx - 130776_SMS2_3981y046bl7d5c85kdwmtcj51pjrjv1bcnhvlaKVvhsOMLCEiDj/rWLn0ei8qI4/baBlQvhbIKmJyuzcpKIC6vU3hDsyvftufa+EshrMF+QnSMoGjoMDERYKqQ==MS=ms19404971amazonses:Y7mhow2ob/1VnQXMIWVpdOaxM/Dp73Ay0jOrxiSp1j0=d365mktkey=XVp55HawjrHHUlZxhTPZfqCSI8xg0g7w2by01nT8rLUx
Email authentication strong
- SPF
-
v=spf1 include:_netblocks.mimecast.com include:amazonses.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:0782b17d5857572@rep.dmarcanalyzer.com; ruf=mailto:0782b17d5857572@for.dmarcanalyzer.com; fo=1:d:spolicy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
DigiCert Global G2 TLS RSA SHA256 2020 CA1
Expires in 228 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(),ambient-light-sensor=(),attribution-reporting=(),autoplay=(),bluetooth=(),browsing-topics=(),camera=(),compute-pressure=(),cross-origin-isolated=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-create=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),speaker-selection=(),storage-access=(),usb=(),web-share=(),window-management=(),xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'none'; style-src * 'unsafe-inline'; img-src * 'self' data: https:; media-src *; frame-src *; frame-ancestors 'self' *.hiscox.es; child-src *; font-src * data:; connect-src *; report-uri /report-csp-violation- strict-transport-security
max-age=31536000; includeSubDomains- cross-origin-opener-policy
same-origin- cross-origin-resource-policy
cross-origin
Links to (10)
- hiscox.co.uk×2
- hiscox.com×2
- hiscox.de×2
- hiscox.fr×2
- hiscoxgroup.com×2
- hiscoxre.com×2
- instagram.com×2
- linkedin.com×2
- myhiscox.es×2
- youtube.com×2
Linked from (7)
- apromes.com×2
- hiscox.co.uk×2
- myhiscox.es×2
- fecor.es×2
- hiscoxgroup.com×2
- hiscoxre.com×2
- adecose.com×2