indexo.dev

cogedi.it

.it crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 1910 ms crawled 2026-05-30

IT · 62.85.163.215 · AS15404 COLT Technology Services Group Limited

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
English - CoGeDi.it
Language
en

Technology

CMS
Gatsby
jQuery
1.10.2 known XSS (<3.5)
Stack
ASP.NET
Cookie consent
  • Iubenda

Third-party hosts loaded (1)

  • cdn.iubenda.com×2

Contact

Email
Phone

DNS records live

NS
  • ns1.aconet.it
  • ns2.aconet.it
  • ns5.aconet.it
MX
  • 10 mail.cogedi.it
TXT
  • MS=AFDDF8A3271546C5B2A223C00788B275E52D641F
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 ip4:62.85.161.30 ip4:62.85.161.9 ip4:62.85.186.2 ip4:62.85.163.96 ip4:62.85.160.40 ip4:62.85.163.91 ip4:62.85.163.89 ip4:62.85.172.2 ip4:213.21.167.58 ip4:185.121.36.68 include:spf.protection.outlook.com include:de._netblocks.mimecast.com -all
strict (-all)
DMARC
v=DMARC1;p=none; rua=mailto:dmarc.rua@cogedi.it; ruf=mailto:dmarc.ruf@cogedi.it
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

GoGetSSL RSA DV SSL CA 2
from 2025-09-08 to 2026-10-09
Expires in 130 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.cogedi.it/en/index.html

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.iubenda.com piwik.engitel.com *.cogedi.it; script-src 'self' 'unsafe-inline' piwik.engitel.com *.iubenda.com *.google.com *.gstatic.com *.jsdelivr.net *.polyfill.io; style-src 'self' 'unsafe-inline' *.iubenda.com data:; font-src 'self'; img-src 'self' data: piwik.engitel.com; frame-src 'self' *.google.com *.iubenda.com
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (3)

Linked from (3)