indexo.dev

oximesa.es

.es crawl

First seen 2026-05-30 · Last seen 2026-05-31 · ok HTTP/1.1 200 489 ms crawled 2026-05-31

NL · 193.39.112.49 · AS207367 Nippon Sanso Euro-holding Sl

Reputation 100/100

Classifying

HTML metadata

Title
Oximesa | NIPPON SANSO
Language
es-ES
Canonical
https://oximesa.eu.nipponsanso.com
Translations
  • en
  • fr
  • it

Open Graph

url
/
title
Oximesa
site name
Oximesa Website

Technology

Server
Microsoft-IIS
jQuery
3.3.1 known XSS (<3.5)
Analytics
  • Google Tag Manager
Third-party hosts loaded (7)
  • ng-p-euw-sitecore-cdn-endpoint.azureedge.net×8
  • dryce.eu.nipponsanso.com×4
  • eu.nipponsanso.com×2
  • cdnjs.cloudflare.com×1
  • oximesa.eu.nipponsanso.com×1
  • stamp.wma.comb.es×1
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • a.ns14.net
  • b.ns14.net
  • c.ns14.net
  • d.ns14.net

Email authentication no MX

SPF
v=spf1 mx -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

GeoTrust TLS RSA CA G1
from 2026-01-12 to 2027-02-13
Expires in 253 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://oximesa.es/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' *.azureedge.net *.hotjar.com *.leadchampion.com https://www.w3schools.com https://sharing.tps-cloud.com https://popper.js.org https://greensock.com https://maps.googleapis.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://consent.cookie-script.com https://www.google.com https://csmetrics.hotjar.com https://content.hotjar.io wss://wsp22.hotjar.com https://in.hotjar.com https://vc.hotjar.io https://cdn.linkedin.oribi.io https://pagead2.googlesyndication.com https://lcb-odm.leadchampion.com https://mastertag.leadchampion.com https://static.hotjar.com https://connect.facebook.net https://cdn.cookie-script.com https://mastertag.leadchampion.com https://cdn.leadchampion.com https://ng-p-euw-sitecore-cdn-endpoint.azureedge.net https://region1.google-analytics.com https://cdn.cookielaw.org https://www.google-analytics.com https://geolocation.onetrust.com https://www.youtube.com; frame-src 'self' 'unsafe-inline' null https://ni
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=157680000; includeSubDomains

Links to (4)

Linked from (1)