fotoservice.it — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Stampa Foto Online: Foto, Fotolibri, Calendari | Fotoservice
Description: Stampa le tue foto online e rivivi i tuoi ricordi! Puoi stampare foto, fotolibri, calendari e idee regalo personalizzate in modo semplice e veloce.
Language: it
Canonical: https://www.fotoservice.it/

Technology

Server: Apache
CMS: Gatsby
Stack: PHP

Analytics

Google Tag Manager

Cookie consent

Iubenda

Third-party hosts loaded (7)

fotoservice.b-cdn.net×141
accounts.google.com×1
cdn.iubenda.com×1
cl.avis-verifies.com×1
static.criteo.net×1
static.zdassets.com×1
www.googletagmanager.com×1

Social

Contact

Email

info@rikorda.it

Phone

DNS records live

NS

ns.multiwire.net
ns2.multiwire.net

MX

10 email.unicolor.net
20 email2.unicolor.net
30 mail.unicolor.net

Email authentication weak

SPF: v=spf1 mx ip4:185.100.109.128/28 include:unicolor.net include:t.contactlab.it ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2026-03-17 to 2026-10-02

Expires in 121 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.fotoservice.it/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
weak content type protection
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff, nosniff
content-security-policy: DEFAULT-SRC 'self' blob: rikorda.it *.rikorda.it fotoservice.it *.fotoservice.it; SCRIPT-SRC 'self' 'unsafe-inline' 'unsafe-eval' blob: fotoservice.it *.fotoservice.it assets.pinterest.com widgets.pinterest.com *.sentry-cdn.com *.iubenda.com *.zopim.com *.criteo.net *.criteo.com *.zoorate.com *.zdassets.com *.addtoany.com *.cloudflare.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.google.com www.googleadservices.com *.doubleclick.net *.clerk.io connect.facebook.net js.braintreegateway.com assets.braintreegateway.com *.b-cdn.net; STYLE-SRC 'self' 'unsafe-inline' rikorda.it *.rikorda.it *.zoorate.com *.googleapis.com assets.braintreegateway.com *.b-cdn.net; CONNECT-SRC 'self' blob: rikorda.it *.rikorda.it *.rikordadev.it fotoservice.it *.fotoservice.it wss://*.zopim.com *.zdassets.com *.zendesk.com *.iubenda.com *.doubleclick.net *.facebook.com *.google-analytics.com *.googleapis.com sentry.io api.braintreegateway.com client-analytics.braintreegateway.com *.braintre
strict-transport-security: max-age=300; includeSubdomains
content-security-policy-report-only: font-src *.fontawesome.com *.magentocommerce.com *.iubenda.com *.zopim.com data: *.b-cdn.net fonts.gstatic.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.facebook.com yotpo.com www.yotpo.com p.yotpo.com staticw2.yotpo.com w2.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.payments-amazon.com *.payments-amazon.co.uk *.paym

Links to (4)

Linked from (2)

thebreath.it×1
trony.it×1