gullon.it

.it crawl

First seen 2026-05-22 · Last seen 2026-05-30 · ok HTTP/1.1 200 1023 ms crawled 2026-05-28

US · 34.107.160.36 · AS396982 Google LLC

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

Biscotti Gullon

Language

it-IT

Generator

WordPress 6.9.4

Canonical

https://gullon.it/

Translations

Feeds

Technology

CMS: WordPress 6.9.4
jQuery: 3.7.1

Analytics

Google Tag Manager

Ads

Meta Pixel

Cookie consent

Cookiebot

Fonts

Google Fonts

Third-party hosts loaded (12)

fonts.googleapis.com×3
consent.cookiebot.com×2
fonts.gstatic.com×2
gullon.co.uk×2
gullon.es×2
gullon.fr×2
gullon.pt×2
www.googletagmanager.com×2
connect.facebook.net×1
consentcdn.cookiebot.com×1
gmpg.org×1
www.facebook.com×1

Social

DNS records live

NS

ns01.trademarkarea.com
ns02.trademarkarea.com
ns03.trademarkarea.com

MX

10 correo.gullon.es

Email authentication weak

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

WR3

from 2026-04-03 to 2026-07-02

Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://gullon.it/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval';
strict-transport-security: max-age=31536000; includeSubDomains