medavita.es
medavita.es
HTML metadata
Technology
- Server
- Apache
- CMS
- Gatsby
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Iubenda
Third-party hosts loaded (2)
- cdn.iubenda.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns1.register.it
- ns2.register.it
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 66 days
HTTP security headers
- present
-
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- findings
-
- missing HSTS
- missing Content Security Policy
- weak frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN, SAMEORIGIN- x-content-type-options
nosniff- content-security-policy-report-only
font-src *.fontawesome.com *.iubenda.com data: *.cloudflare.com *.bootstrapcdn.com fonts.gstatic.com *.gstatic.com 'self' data: www.medavita.es data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com *.facebook.com www.medavita.es 'self' 'unsafe-inline'; frame-ancestors www.medavita.es 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinal