bolzonigroup.com

HTML metadata

Title: BOLZONI - The Material Handling Group
Description: Bolzoni is one of the worldwide leading manufacturers of lift truck attachments, forks and lift tables.

Technology

Server: nginx

Analytics

Google Tag Manager

Cookie consent

Cookiebot

Third-party hosts loaded (2)

consent.cookiebot.com×1
www.googletagmanager.com×1

Social

Contact

Email

Phone

+390523555511

Registration

Registrar

Register SPA

Created

2011-11-22

Expires

2026-11-22 187 days left

Updated

2025-11-23

Name servers

ns1.register.it
ns2.register.it

DNS records live

NS

ns1.register.it
ns2.register.it

MX

10 bolzonigroup-com-1.fortimailcloud.com
20 bolzonigroup-com-2.fortimailcloud.com

TXT

Show 6 TXT records

knowbe4-site-verification=3fe63ff21913e4760f280f5186638529
3IyvKsVxernx0tGVoOpcswauToQh5pdaDFUyDX+7maphzLWr4+kQc0TqgWzFb74j6IEMF09Ow+n0I32FiJeN4A==
1password-site-verification=J3JIU55TDJGFDCJQQBWOEBIKVA
apple-domain-verification=lufnXBoLnTHO78sY
MS=ms64757255
sending_domain1035513=3a92ffe0c7b1e6d019e69b9540c131a321353486951a300528dc78e9002e5bc7

Email authentication strong

SPF

v=spf1 +a +mx ip4:151.1.222.101 include:spf.protection.outlook.com include:spf.emailsignatures365.com include:spf.mymailer.it include:_spf.fortimailcloud.com -all

strict (-all)

DMARC

v=DMARC1;p=reject;sp=quarantine;pct=100;rua=mailto:helpdesk@bolzonigroup.com;ruf=mailto:helpdesk@bolzonigroup.com;aspf=s;adkim=s;fo=0

policy: reject (enforced) · sp=quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1IPza1IzEqizQxkpQTQrLm1UnMoD0oQPxucq6Wk5O39Z+LyLcWj+DC1imBYB7q7SxMp9Btgq3Rc0KHUNRlb…

selectors probed

Certificate (current)

Sectigo RSA Domain Validation Secure Server CA

from 2025-04-23 to 2026-05-24

Expires in 5 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://bolzonigroup.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self), microphone=(), camera=(), fullscreen=(self), payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' https://www.youtube-nocookie.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://www.googletagmanager.com https://tag.demandbase.com https://log.leadgenerationsoftware.it https://maps.googleapis.com https://www.google-analytics.com https://s.ytimg.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://en.bolzonigroup.com; img-src 'self' https://id.rlcdn.com https://bolzonigroup.com https://*.bolzonigroup.com https://en.bolzonigroup.com https://imgsct.cookiebot.com https://log.leadgenerationsoftware.it data: https://maps.gstatic.com https://maps.googleapis.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://s.company-target.com https://www.youtube-nocookie.com https://consentcdn.cookiebot.com; connect-src 'self' https://api.company-target.com https://tag-logger.demandbase.com https://en.bolzonigroup.com https://www
strict-transport-security: max-age=63072000; includeSubDomains; preload