indexo.dev

avatable.com

.com crawl

First seen 2026-05-29 · Last seen 2026-05-31 · ok HTTP/1.1 200 678 ms crawled 2026-05-31

FR · 178.32.137.20 · AS16276 OVH SAS

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Avatable: Gestionale Prenotazioni Ristorante + Sito Web
Description
Gestionale prenotazioni ristorante AVATABLE. Booking engine per ristoranti + sito web. Gestione prenotazioni ristorante in modo semplice ed efficace.
Language
it
Canonical
https://www.avatable.com/
Translations
  • it

Technology

Server
Apache
jQuery
3.5.1
Stack
PHP
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • cdn.tnx.it×19
  • fonts.googleapis.com×3
  • fonts.gstatic.com×3
  • www.facebook.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
Tucows Domains Inc.
Created
2019-11-18
Expires
2026-11-18 168 days left
Updated
2026-03-26
Name servers
  • coco.bunny.net
  • kiki.bunny.net

DNS records live

NS
  • coco.bunny.net
  • kiki.bunny.net
MX
  • 10 mail2.tnx.it
Verified for
  • Brevo

Email authentication strong

SPF
v=spf1 mx a include:_spf.tnx.it include:spf.sendinblue.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; sp=quarantine
policy: quarantine · sp=quarantine
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

R12
from 2026-05-18 to 2026-08-16
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.avatable.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *.tnx.it *.avatable.com assets.calendly.com/assets/external/widget.js calendly.com/ ssl.google-analytics.com www.google-analytics.com www.googletagmanager.com/gtag/js googleads.g.doubleclick.net td.doubleclick.net www.googletagmanager.com/debug/ js.stripe.com/; frame-src 'self' calendly.com/ td.doubleclick.net www.googletagmanager.com/ js.stripe.com/ www.youtube-nocookie.com/;

Links to (5)

Linked from (2)