navaway.es
navaway.es
HTML metadata
Technology
- CMS
- WordPress
Third-party hosts loaded (7)
- navaway.fr×13
- navaway.com×2
- gmpg.org×1
- i.ytimg.com×1
- moderate.cleantalk.org×1
- search.navaway.fr×1
- www.youtube.com×1
Social
DNS records live
- NS
-
- nsany1.infomaniak.com
- nsany2.infomaniak.com
- Verified for
-
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 168 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=()- x-content-type-options
nosniff- content-security-policy
img-src 'self' data: *.webqamapps.com *.navaway.fr *.navaway.com *.navaway.es *.navaway.de *.navaway.it navaway.fr navaway.com navaway.es navaway.de navaway.it *.gravatar.com *.w.org *.ytimg.com *.imgix.net *.axept.io ; frame-src 'self' blob: *.webqamapps.com *.navaway.fr *.navaway.com *.navaway.es *.navaway.de *.navaway.it navaway.fr navaway.com navaway.es navaway.de navaway.it *.booking.com *.bstatic.com *.getyourguide.com *.google.com *.youtube.com *.youtube-nocookie.com *.vimeo.com *.daylimotion.com embed-ssl.wistia.com *.freemius.com *.tiqets.com *.viator.com *.civitatis.com https://widgets.bokun.io ; script-src-elem 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.webqamapps.com *.navaway.fr *.navaway.com *.navaway.es *.navaway.de *.navaway.it navaway.fr navaway.com- strict-transport-security
max-age=16070400; includeSubDomains; preload
Links to (7)
- youtube.com×2
- facebook.com×2
- instagram.com×2
- navaway.com×2
- navaway.fr×2
- pinterest.fr×2
- tiktok.com×2