credem.it

HTML metadata

Title: Credem Banca: Conti Correnti, Carte, Prestiti, Mutui e Investimenti
Description: Scopri i servizi bancari, finanziari e assicurativi di Credem Banca per persone, famiglie e imprese. Credem: Wellbanking People.
Language: it
Canonical: https://www.credem.it/

Open Graph

url: https://www.credem.it/
title: Credem Banca: Conti Correnti, Carte, Prestiti, Mutui e Investimenti
description: Scopri i servizi bancari, finanziari e assicurativi di Credem Banca per persone, famiglie e imprese. Credem: Wellbanking People.

Technology

Third-party hosts loaded (2)

assets.adobedtm.com×1
maps.googleapis.com×1

Social

Contact

Phone

02823390352

Address

Via Emilia S. Pietro, 4, 42121, Reggio Emilia, RE, IT

DNS records live

NS

dns1.inet2.it
dns2.inet2.it
dns3.inet2.it

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 10 TXT records

_pc19a4glqau417h0x3zywnes5w3dz3h
_2qyujbx2nfzyhgncr5l4unnh7qdl1oj
_7p1ri8b0c83i7orz1tf5yi959u9xbt9
_2ry6oayw59kcb8f3jatrxm8qe3wt9sz
+VIV/tpl6s9hYx5BeMPgUBiKnglE1kUmTzWTdVsJaBM=
+VIV/tpl6s9hYx5BeMPgUFv5774yTjN2eLN/0xWydd4=
OSIAGENTREGURL=HTTP://MDM.CREDEM.IT/MOBILEENROLLMENT/SYMC-IOSENROLL.ASPX
MS=MS19346375
+VIV/tpl6s9hYx5BeMPgUJr41rEQxpT78zMcks6VCKA=
_execc6655gz0ycz5ur47gobr4d2sqqn

Verified for

Apple
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:_spf.gruppocredem.it include:_spf.google.com include:fra1.rp.oracleemaildelivery.com include:fdspfeuc.freshemail.io ip4:156.54.138.184 -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:dmarc-fb@gruppocredem.it; ruf=mailto:dmarc-fi@gruppocredem.it

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbozfEhLG2AloRNlZXn07cJAb9h285CQHqvSUIWduxJjZVewscd13tIGrElscGt6L4th66embKtRvpT5SdZ8…

selectors probed

Certificates

Loading certificate

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.credem.it/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: Sameorigin
x-content-type-options: nosniff
content-security-policy: default-src 'self' csp-id-produzione-v26; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://www.iubenda.com https://creditoemiliano.germany-2.evergage.com; img-src * data: blob:; script-src-elem 'self' 'unsafe-inline' blob: https://sslwidget.criteo.com https://ajax.googleapis.com https://www.googletagmanager.com https://maps.googleapis.com https://assets.adobedtm.com https://*.iubenda.com https://connect.facebook.net https://*.criteo.com https://cdn.evgnet.com https://secure.quantserve.com https://www.dwin1.com https://*.quantcount.com https://*.teads.tv https://tags.creativecdn.com https://apis.google.com https://platform.twitter.com https://maxcdn.bootstrapcdn.com https://*.adform.net https://*.iubenda.com https://connect.facebook.net https://creditoemiliano.germany-2.evergage.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://credem.demdex.net https://cdn.iubenda.com https://apps.mypurecloud.d
strict-transport-security: max-age=31536000; includeSubDomains; preload