indexo.dev

lafacturadelagua.es

.es crawl

First seen 2026-04-17 · Last seen 2026-05-08 · ok HTTP/1.1 200 869 ms crawled 2026-05-12

ES · 5.40.154.149 · AS6739 Vodafone Ono, S.A.

Reputation 100/100

sector tech type homepage

HTML metadata

Title
E-Factura
Language
en

Technology

Server
Kestrel

Third-party hosts loaded (2)

  • cdn.jsdelivr.net×6
  • cdnjs.cloudflare.com×2

DNS records live

NS
  • dns31.servidoresdns.net
  • dns32.servidoresdns.net
MX
  • 5 smtp.emsvfm.com
Verified for
  • Google

Email authentication strong

SPF
v=spf1 include:spf.mailjet.com ip4:194.140.166.79 -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:postmaster@emsvfm.com; ruf=mailto:postmaster@emsvfm.com; fo=0; adkim=s; aspf=s; pct=100; rf=afrf; ri=86400; sp=none
policy: quarantine · sp=none
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2025-08-08 to 2026-08-09
Expires in 79 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://lafacturadelagua.es/Identity/Account/Login?ReturnUrl=%2F

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
connect-src 'self'; form-action 'self'; frame-src https://www.google.com; img-src 'self' data:; script-src https://www.gstatic.com https://www.google.com/ https://cdnjs.cloudflare.com https://cdn.jsdelivr.net 'self' 'unsafe-inline' ;object-src 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (1)