xlsmedical.es
xlsmedical.es
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
- Font Awesome
Third-party hosts loaded (5)
- s3.eu-west-3.amazonaws.com×27
- cdn.jsdelivr.net×2
- use.fontawesome.com×1
- use.typekit.net×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- lara.ns.cloudflare.com
- olof.ns.cloudflare.com
- MX
-
- 10 mailrelay.register.be
- Verified for
-
- Meta
Certificate (current)
WE1
Expires in 28 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
camera=(), fullscreen=self, geolocation=*, microphone=self- x-content-type-options
nosniff- content-security-policy
default-src 'self'; connect-src 'self' cookielaw.org *.cookielaw.org googleapis.com *.googleapis.com onetrust.com *.onetrust.com bam.nr-data.net *.google.com *.google.co.in google.com google.co.in *.googletagmanager.com *.doubleclick.net *.xlsmedical.es www.google-analytics.com *.outbrain.com *.hotjar.io; font-src 'self' *.gstatic.com *.onetrust.com onetrust.com fontawesome.com *.fontawesome.com typekit.net *.typekit.net; frame-src 'self' *.amazon-adsystem.com *.doubleclick.net *.adsrvr.org; img-src 'self' data: cookielaw.org *.cookielaw.org googleapis.com *.googleapis.com gstatic.com *.gstatic.com s3.eu-west-3.amazonaws.com *.facebook.net *.facebook.com *.googletagmanager.com www.google.co.in *.doubleclick.net www.google.com dev-xls-eu.perrigocms.com; media-src 'self' s3.eu-west-3.amazonaws.com data:; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' cookielaw.org *.cookielaw.org onetrust.com *.onetrust.com *.jsdelivr.net *.googleapis.com googletagmana- strict-transport-security
max-age=31536000; includeSubDomains; preload