indexo.dev

molinsderei.net

.net dns crawl

First seen 2026-05-08 · Last seen 2026-05-31 · ok HTTP/1.1 200 786 ms crawled 2026-05-31

ES · 212.170.29.205 · AS3352 Telefonica De Espana S.a.u.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Oficina Virtual Ayuntament Molins de Rei
Description
STA. Serveis Telemàtics Avançats. Carpeta Ciutadana.
Language
ca

Technology

Server
Apache
jQuery
3.7.1
Stack
Java

Third-party hosts loaded (1)

  • molinsderei--net.insuit.net×1

Contact

Phone

Registration

Registrar
Nominalia Internet SL
Created
1997-10-07
Expires
2026-10-06 122 days left
Updated
2025-12-17
Name servers
  • dns1.nominalia.com
  • dns2.nominalia.com

DNS records live

NS
  • dns1.nominalia.com
  • dns2.nominalia.com
MX
  • 10 mail.nominalia.com
  • 15 ajuntament.molinsderei.net
  • 15 mail1.molinsderei.cat
  • 20 tristan.molinsderei.net
Verified for
  • Google

Email authentication weak

SPF
v=spf1 include:spf.webapps.net include:amazonses.com ip4:212.170.29.203 ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R36
from 2026-01-05 to 2027-01-20
Expires in 228 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://molinsderei.net/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=PTS_HOME

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing content type protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-security-policy
default-src 'self' afirma://; img-src 'self' *.google.com *.googleapis.com data: blob:; media-src 'self'; script-src *.google.com *.googleapis.com www.gstatic.com *.google-analytics.com *.googletagmanager.com *.insuit.net 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.google.com *.googleapis.com *.insuit.net 'self' 'unsafe-inline' data:; font-src 'self' *.gstatic.com *.google.com *.googleapis.com *.insuit.net data:; object-src 'self'; base-uri 'self'; connect-src 'self' *.insuit.net api.amplitude.com *.google-analytics.com wss://127.0.0.1:63117; frame-ancestors 'self'; frame-src *.google.com *.googleapis.com www.gstatic.com *.insuit.net insuit.net afirma:// 'self'
strict-transport-security
max-age=31536000; includeSubDomains

Links to (1)