indexo.dev

buyandhelp.it

.it crawl

First seen 2026-06-02 · Last seen 2026-06-03 · ok HTTP/1.1 200 863 ms crawled 2026-06-03

US · 172.67.129.15 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Buy and Help - Shopping Conveniente e Solidale
Description
Con il tuo acquisto (aprendo il negozio da Buy and Help) ricevi un rimborso e ci permetti di finanziare il progetto solidale che ti sta più a cuore.
Language
it
Canonical
https://www.buyandhelp.it/

Open Graph

url
https://www.buyandhelp.it/
title
Buy and Help - Shopping Conveniente e Solidale
locale
it_IT
description
Con il tuo acquisto (aprendo il negozio da Buy and Help) ricevi un rimborso e ci permetti di finanziare il progetto solidale che ti sta più a cuore.

Technology

CDN
Cloudflare
jQuery
2.2.4 known XSS (<3.5)
Stack
PHP
Analytics
  • Google Tag Manager

Third-party hosts loaded (6)

  • d1op479sbjfgkw.cloudfront.net×17
  • d2jquaivn72lzy.cloudfront.net×4
  • bah-img-293lsw2930wp29293zlewidt.s3.eu-west-1.amazonaws.com×1
  • d131uo10gdublu.cloudfront.net×1
  • www.facebook.com×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • betty.ns.cloudflare.com
  • sri.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • 48e080de41818e7d77f35f51e080dba5
Verified for
  • Brevo
  • Google

Email authentication partial

SPF
v=spf1 include:musvc.com include:spf.sendinblue.com mx ~all
softfail (~all)
DMARC
v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400
policy: none (monitoring only) · sp=none
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

WE1
from 2026-05-09 to 2026-08-07
Expires in 63 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.buyandhelp.it/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' ui.idenfy.com, default-src 'self' https://www.google.com https://www.gstatic.com https://*.s3.eu-west-1.amazonaws.com https://youtu.be https://c.bing.com https://api2.branch.io https://d245xi1nra51vy.cloudfront.net https://d1a33tjybd3kym.cloudfront.net https://d2jquaivn72lzy.cloudfront.net https://*.bestshopping.com www.pointer.it https://adservice.google.com https://accounts.google.com https://*.ipqualityscore.com https://cdn.branch.io *.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://www.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.voiceflow.com https://*.clarity.ms https://app.link https://cdn.branch.io https://optimize.google.com https://www.ipqualityscore.com https://www.dwin2.com https://tm.tradetracker.net/conversion https://action.metaffiliation.com https://*.bestshopping.com seal.godaddy.com https://*.google-analytics.com https://*.googleadservices.com https://*.googletagmanager.com https
strict-transport-security
max-age=15768000; preload

Links to (5)

Linked from (2)