malvon.es

HTML metadata

Title

Empanadas Argentinas Artesanas | Malvón | +97 Tiendas en España

Description

🥟 Empanadas argentinas artesanas auténticas. +20 sabores elaborados a mano diariamente. Pide online, recogida en 15min. Catering para eventos. +97 tiendas en toda España. 🇦🇷 14 años llevando el sabor de Argentina.

Language

es

Canonical

https://www.malvon.es/es

Translations

ca
en
es
fr
pt

Open Graph

title: Empanadas Argentinas Artesanas | Malvón | +97 Tiendas en España
locale: es_ES
site name: Malvón - Empanadas Argentinas
description: 🥟 Empanadas argentinas artesanas auténticas. +20 sabores elaborados a mano diariamente. Pide online, recogida en 15min. Catering para eventos. +97 tiendas en toda España. 🇦🇷 14 años llevando el sabor de Argentina.

Technology

Server: railway-edge
CMS: Next.js

Analytics

Google Analytics
Google Tag Manager

Ads

Meta Pixel

Third-party hosts loaded (9)

*.basemaps.cartocdn.com×1
cdnjs.cloudflare.com×1
connect.facebook.net×1
res.cloudinary.com×1
www.facebook.com×1
www.google-analytics.com×1
www.google.com×1
www.googletagmanager.com×1
www.gstatic.com×1

Social

Contact

Email

info@malvon.es

Phone

+34635335335

DNS records live

NS

ns1.grupoloading.com
ns2.grupoloading.com
ns3.grupoloading.com

MX

0 malvon-es.mail.protection.outlook.com

TXT

Show 4 TXT records

MS=9854C8711EE8DA0906ED6E3BA46C9AF9A37ADC03
ostrio-domain: Z-hMHeWvuKgfGt4OOSK_mNA7Tu3s_kuBpeZ3taxkRt6
facebook-domain-verification=pi2jnbemt6zjkozbsjcboewd9pm4lx
google-site-verification=WwEGY6vCIWO7YEkNLDmDwrfCnDgbgCeJsbFDPANMkD0

Email authentication partial

SPF

v=spf1 include:spf.mailjet.com include:_spf.google.com include:_spf.loading.es ip4:139.47.111.151 include:spf.protection.outlook.com  include:spf.emailsignatures365.com include:emsd1.com include:mail.zendesk.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgjXATiIUX7YTKdMh6VZOsaRJ5lNMY+FuI7ppGtQHch0galddn+ThR5H8ocPFFNGoVUS66eWlq/C2G…

selectors probed

Certificate (current)

R12

from 2026-05-10 to 2026-08-08

Expires in 81 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.malvon.es/es

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com connect.facebook.net www.google.com www.gstatic.com www.googleadservices.com googleads.g.doubleclick.net pagead2.googlesyndication.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: res.cloudinary.com cdnjs.cloudflare.com *.basemaps.cartocdn.com *.google-analytics.com *.googletagmanager.com www.facebook.com www.googleadservices.com googleads.g.doubleclick.net pagead2.googlesyndication.com www.google.com *.google.es *.google.com; font-src 'self' data:; connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com connect.facebook.net www.google.com *.basemaps.cartocdn.com *.doubleclick.net pagead2.googlesyndication.com; media-src 'self' https://www.franquiciasmalvon.com; frame-src www.google.com www.facebook.com; object-src 'none'; base-uri 'self'; form-action 'self' www.facebook.com; frame-ancestors 'none'
strict-transport-security: max-age=600

Links to (6)

Linked from (2)

franquiciasmalvon.com×2
premiosvega.com×2