indexo.dev

almirall.it

.it crawl

First seen 2026-05-19 · Last seen 2026-05-30 · ok HTTP/1.1 200 19293 ms crawled 2026-05-26

GB · 149.126.74.16 · AS19551 Incapsula Inc

Reputation 100/100

sector other type homepage

HTML metadata

Title
Home | Almirall
Language
it-IT
Canonical
https://www.almirall.it
Translations
  • it

Technology

Stack
Java
Cookie consent
  • OneTrust

Third-party hosts loaded (3)

  • cdn-ukwest.onetrust.com×2
  • tools.euroland.com×1
  • www.almirall.com×1

Social

DNS records live

NS
  • ns1-09.azure-dns.com
  • ns2-09.azure-dns.net
  • ns3-09.azure-dns.org
  • ns4-09.azure-dns.info
MX
  • 10 mxa-0025b501.gslb.pphosted.com
  • 20 mxb-0025b501.gslb.pphosted.com
TXT
  • rTFeWrTE8eCRmgMUCf0rv+bDkw3k5s28ndC2WisA6cTtD9qLmgKwJ11+RdFzmpU7TCCP67km2dFSNY7Zida8jg==
Verified for
  • GlobalSign
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:spf-0025b501.pphosted.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificates

Loading certificate

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.almirall.it/

present
  • strict-transport-security
  • content-security-policy
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak content type protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.onetrust.com www.youtube.com tile.openstreetmap.org *.facebook.net flagcdn.com www.almirall.it *.googleapis.com *.youtube-nocookie.com translate.google.com bam.eu01.nr-data.net *.cloudfront.net *.eloqua.com js-agent.newrelic.com www.google.com *.doubleclick.net secured-pixel.com *.gstatic.com *.facebook.com *.googleadservices.com cdn.equalweb.com www.almirall.com access.equalweb.com tools.euroland.com *.googlesyndication.com *.licdn.com www.google.it unpkg.com *.tiktok.com www.googletagmanager.com; frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
script-src 'unsafe-inline' 'unsafe-eval' https:;

Links to (14)

Linked from (11)