patrimonionacional.es

.es crawl

First seen 2026-04-11 · Last seen 2026-05-20 · ok HTTP/1.1 200 1051 ms crawled 2026-05-18

ES · 185.73.174.194 · AS200521 Ministerio de Transformacion Digital y de la Funcion Publica

Reputation 100/100

Classifying

HTML metadata

Title

Patrimonio Nacional

Description

Patrimonio Nacional, organismo público responsable de los bienes de titularidad del Estado que proceden del legado de la Corona española, tiene como fines principales el fundamental apoyo a la Jefatura del Estado para la alta representación, así como la puesta a disposición de los ciudadanos del patrimonio histórico

Language

Generator

Drupal 10 (https://www.drupal.org)

Canonical

https://www.patrimonionacional.es/

Translations

Technology

Server: Apache
CMS: Drupal

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (7)

unpkg.com×6
cdn.jsdelivr.net×4
cdnjs.cloudflare.com×2
www.googletagmanager.com×2
fonts.googleapis.com×1
static.addtoany.com×1
t.hspvst.com×1

Social

DNS records live

NS

ns1.age.gob.es
ns2.age.gob.es

MX

10 mail1.correo.gob.es
10 mail2.correo.gob.es

TXT

JLjDKEOcFqoJc4fCOEdeFfNFncc22EF6OtLezIovlvJbW+SIRF/aLst2N2ZYCYiFI/uHADFlpEmQQh0ggaO2JQ==

Verified for

HARICA
Microsoft 365

Email authentication strong

SPF

v=spf1 a:spf.correo.gob.es -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:avisos.correo@correo.gob.es; ruf=mailto:avisos.correo@correo.gob.es; fo=1;

policy: quarantine

DKIM

s2: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuswHPHHcgaDZyhHPpupTkOJwyJhIPU4qpkCivQ+h8Xp42QsHDlbeZ/S+1/8zQnmhLlpIDXp/3qA79etkm34jO…

selectors probed

Certificate (current)

GEANT TLS RSA 1

from 2026-01-20 to 2027-01-20

Expires in 244 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.patrimonionacional.es/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
weak frame protection
weak content type protection

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload