normon.com
HTML metadata
Technology
- Server
- Apache
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- gmpg.org×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- Network Solutions, LLC
- Created
- 1998-05-21
- Expires
- 2034-05-20 2922 days left
- Updated
- 2024-05-20
- Name servers
-
- ns1.normon.com
- ns2.normon.com
DNS records live
- NS
-
- ns1.normon.com
- ns2.normon.com
- MX
-
- 10 gw4130.fortimail.com
- 20 normon-com.mail.protection.outlook.com
- TXT
-
Show 8 TXT records
google-site-verification=K7JnJyYAMEx26ML-Xcys11YCIrKeKgTeb5ta2we7q40google-site-verification=uuwBLnN0niA89PY0tRhg7EDipoSrhsj7O8JE9mtQ6swadobe-idp-site-verification=301290d18dfb893ffa47f9adc88f7cf677de4fc0098a946068262d89476fe11eapple-domain-verification=31wR0Q4Xa0TQA39tv=spf1 ip4:195.76.101.24/29 ip4:46.27.2.208/28 ip4:46.26.82.68 ip4:173.243.134.130 ip4:34.175.197.138 ip4:34.175.140.78 ip4:34.175.140.207 a:gw4130.fortimail.com include:spf.protection.outlook.com -allu/0RPpjHj0M1vogCrYlfn0Spd8hn6KTEwcB6m7iS3urGNWzi91vHjyLL9t/huZJh/XrxFeYZKvArkPBhzytk9g==_globalsign-domain-verification=8ZazseS_7TBhPPLfBB6cnhbjt112WPTpYW86AFmXvLdocusign=4d9f573a-c3d7-414e-a3ec-7feffda13127
Certificate (current)
WR3
Expires in 29 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' https://connect.facebook.net/ https://acrobatservices.adobe.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://www.gstatic.com https://sdk.privacy-center.org https://www.googletagmanager.com https://www.google.com 'unsafe-inline' 'unsafe-eval'; img-src * data: blob:; style-src 'self' https://fonts.googleapis.com https://www.google.com https://www.gstatic.com 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com ; frame-src https://acrobatservices.adobe.com/ https://consentcdn.cookiebot.com https://www.google.com https://www.youtube.com; connect-src 'self' https://viewlicense.adobe.io https://consentcdn.cookiebot.com https://region1.google-analytics.com https://api.privacy-center.org; frame-ancestors 'none'; form-action 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'- strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=15768000;includeSubdomains- cross-origin-opener-policy
same-origin- cross-origin-resource-policy
cross-origin
Links to (6)
- facebook.com×2
- instagram.com×2
- linkedin.com×2
- normonclass.es×2
- x.com×2
- youtube.com×2