indexo.dev

apptaxipay.it

.it crawl

First seen 2026-05-30 · Last seen 2026-05-30 · ok HTTP/1.1 200 301 ms crawled 2026-05-31

IT · 217.61.51.136 · AS31034 Aruba S.p.A.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Language
it

Technology

Server
nginx

Contact

Phone

DNS records live

NS
  • dns.widhost.net
  • dns2.widhost.net
MX
  • 10 in.arubabusiness.it
TXT
  • actalis-dcv=h9e5g4ralha1vmohm85b29aj3i
  • actalis-dcv=5jlei04im3h857tvck009qfnrs

Email authentication partial

SPF
v=spf1 a mx include:_spf.arubabusiness.it -all
strict (-all)
DMARC
v=DMARC1; p=none; sp=none; adkim=r; aspf=r
policy: none (monitoring only) · sp=none
DKIM
no key found at common selectors

Certificate (current)

Actalis Domain Validation Server CA G3
from 2025-09-05 to 2026-09-19
Expires in 110 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://apptaxipay.it/unsupported.html

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self';connect-src 'self' data: https://*.googleapis.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;script-src 'self' 'nonce-095961dc9ebe32cfec38c3fddd5b19b7' https://*.googleapis.com;img-src 'self' data: blob: https://*.gstatic.com https://*.google.com;upgrade-insecure-requests;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none'
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Linked from (1)