indexo.dev

iaf.es

.es crawl

First seen 2026-04-13 · Last seen 2026-05-16 · ok HTTP/1.1 200 827 ms crawled 2026-05-06

ES · 188.244.81.91 · AS49851 Aragonesa de Servicios Telematicos

Reputation 92/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Instituto Aragonés de Fomento
Language
es

Technology

Server
Apache
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • cdnjs.cloudflare.com×4
  • fonts.gstatic.com×1
  • iafspaia.blob.core.windows.net×1
  • maps.googleapis.com×1
  • www.google.com×1
  • www.googletagmanager.com×1

DNS records live

NS
  • calatayud.aragon.es
  • codos.aragon.es
MX
  • 10 mx01.aragon.es
  • 20 mx02.aragon.es
TXT
  • MS=ms87727258
  • MS=ms50713734

Email authentication strong

SPF
v=spf1 ip4:188.244.91.1/32 ip4:188.244.81.16/28 include:spf.protection.outlook.com ip4:188.244.81.192/29 -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc@iaf.es; ruf=mailto:dmarc@iaf.es; fo=1
policy: none (monitoring only)
DKIM
  • dkim: v=DKIM1;t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2mG5bz/KGHbSQ4yRIqV7YbitTiDffncX4UXk5yHnPOx0Nm/OOUSR5ez8CNU4y1ef4dxAMXVnZxzkHMZdL/icNQ…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-05-05 to 2026-11-20
Expires in 184 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://iaf.es/

findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy

Linked from (7)