pamesa.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-16 · ok HTTP/1.1 200 1901 ms crawled 2026-05-14

FR · 51.83.94.18 · AS16276 OVH SAS

Reputation 100/100

sector home type homepage

HTML metadata

Title: PAMESA CERÁMICA
Description: Compañía matriz del Grupo Pamesa dedicada al diseño y fabricación de pavimentos y productos cerámicos.
Canonical: https://www.pamesa.com/index.html

Technology

Server: nginx

Fonts

Google Fonts

Social widgets

Vimeo Embed

Third-party hosts loaded (3)

fonts.googleapis.com×1
player.mediadelivery.net×1
player.vimeo.com×1

Social

Contact

Address: Calle Pina de Montalgrao, 2(Carretera Vila-real - Onda Km 2,7)12540

Registration

Registrar

Arsys Internet, S.L. dba NICLINE.COM

Created

1997-01-30

Expires

2027-01-31 255 days left

Updated

2026-01-26

Name servers

dns1.csnet.es
dns2.csnet.es
dns3.csnet.es

DNS records live

NS

dns1.csnet.es
dns2.csnet.es
dns3.csnet.es

MX

10 mxa-00a13f01.gslb.pphosted.com
10 mxb-00a13f01.gslb.pphosted.com

Verified for

Brevo
Google

Email authentication strong

SPF

v=spf1 exists:%{i}.spf.hc128-35.eu.iphmx.com include:spf.protection.outlook.com include:servers.mcsv.net include:spf-00a13f01.pphosted.com -all

strict (-all)

DMARC

v=DMARC1; p=reject

policy: reject (enforced)

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDt28FsSbbJ2lv2sH4n4hrqIB/HBXnhHZePlHfXGXyBjuaiPbuD6b0UthU2I3TJukH2nS0hpvZeuuvOrVnHaX…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-11-12 to 2026-12-13

Expires in 206 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.pamesa.com/index.html

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self' script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google.com *.google.es *.gstatic.com ds.spark-vision.com online.flippingbook.com d33i2vgywgme2s.cloudfront.net player.vimeo.com img-src 'self' *.googletagmanager.com *.google.com *.google.es *.google-analytics.com *.analytics.google.com *.vimeocdn.com font-src 'self' fonts.gstatic.com connect-src 'self' *.google-analytics.com *.analytics.google.com stats.g.doubleclick.net style-src 'self' 'unsafe-inline' fonts.googleapis.com form-action 'self' frame-src 'self' online.flippingbook.com player.vimeo.com *.google.com *.google.es ds.spark-vision.com player.mediadelivery.net frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload env=HTTPS