appgrade34.it
appgrade34.it
HTML metadata
Technology
- Server
- nginx
- JS framework
- Angular 14.2.12
Social
Contact
- Phone
DNS records live
- NS
-
- alberto.ns.cloudflare.com
- rose.ns.cloudflare.com
- MX
-
- 10 mail.appgrade34.it
- Verified for
-
- Stripe
Email authentication strong
- SPF
-
v=spf1 +mx ip4:151.236.32.216 include:_spf.mlsend.com include:one.zoho.eu -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; adkim=s; aspf=spolicy: quarantine - DKIM
-
- default:
v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA030pdw8DUEzgUXJwVjslap7cmS3GyjBiMsPXKDVvLopj4tUr/bL21AcOcXxscSTaazjv8Bs8eYaefKrzvjnTu…
selectors probed - default:
Certificate (current)
Sectigo Public Server Authentication CA OV R36
Expires in 85 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
no-referrer- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
img-src 'self' data: *.google.com *.google.it *.googleadservices.com https://www.google-analytics.com https://*.doubleclick.net https://www.googleapis.com https://*.appgrade34.it/ https://www.googletagmanager.com https://*.googleapis.com *.gstatic.com *.iubenda.com *.zopim.com *.zdassets.com *.linkedin.com *.bing.com *.clarity.ms *.facebook.com https://light.appgrade34.it/ https://appgrade34.it/light/ null;script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.iubenda.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleapis.com *.google.com *.google.it *.googleadservices.com https://stats.g.doubleclick.net *.licdn.com *.bing.com *.facebook.net *.doubleclick.net *.zopim.com *.zdassets.com *.clarity.ms *.facebook.com https://*.stripe.com https://*.hotjar.com https://*.hotjar.io;script-src-elem 'self' 'unsafe-inline' *.google.com *.google.it *.googleadservices.com https://www.google-analytics.com https://stats.g.doubleclick.net *.licdn.com *.bing.com *.fac- strict-transport-security
max-age=15552000; includeSubDomains- cross-origin-opener-policy
same-origin- cross-origin-resource-policy
same-origin
Links to (5)
- wa.me×1
- trustpilot.com×1
- linkedin.com×1
- iubenda.com×1
- facebook.com×1