indexo.dev

howdenflex.it

.it crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 356 ms crawled 2026-06-02

DE · 178.63.98.222 · AS24940 Hetzner Online GmbH

Reputation 100/100

Classifying

HTML metadata

Title
Howdenflex | Login o registrati |
Description
Benvenuto/a su Howdenflex, il tuo portale per il welfare aziendale
Language
it

Technology

Server
nginx
CMS
Gatsby
jQuery
3.7.1
Stack
Django
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • cdnjs.cloudflare.com×2
  • fonts.googleapis.com×1
  • fonts.gstatic.com×1

Contact

Email
Phone

DNS records live

NS
  • dns1.cscdns.net
  • dns2.cscdns.net
MX
  • 10 eu-smtp-inbound-1.mimecast.com
  • 20 eu-smtp-inbound-2.mimecast.com
TXT
Show 13 TXT records
  • _1juypwpjdk0lufqiysb7ngfxfsh295d
  • _258sloqmqhvfxokgfgnek9zeoqjhtxt
  • _30uzz6sdk8f3ayg2ujv14v57xqra2dw
  • _6gn5y01ay8v9pf4mnz807lccfurzc5h
  • _iq5uuwcgix1jl8bcpfgamimnfuf5uox
  • _ketobx8grfaqp80qj5jtqgwm70p107g
  • _m0dgufclhfhrg4encuoh4my7xnnzfu1
  • _z2530kux78nt6qkafsb1nn7hlqrgphz
  • mt1grykfnjsgncls5b4m9rz7hhbtbj08
  • t666167gq6109b9d7z99r8bpx41cf1yx
  • vxk4zc0d2wk1cqgq2grxjgjxwnw40km5
  • 0ed1fe018ae60988d9e1fb4b23a143ec2e72d80abf
  • 9cbqv6wy07yfpxpwt512cmlnhzgsvftb
Verified for
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:eu._netblocks.mimecast.com include:_spf.salesforce.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; adkim=s; aspf=r
policy: reject (enforced)
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQkSGm7rsbUuCsy1j+XQj1C62joRx1vXTMgYdxAgZOXqJahQJtaRcQUe5rwJgc7D7+Rx55Q/FRZThj+8xa…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJlh5Pg8uiTpBZIF9/tr0nhqrorQSidbs+mV/WCdr8hL/DmKctXbp+U5R1FR7FAP2IhfDLWS4cIroRTsdatUVYsI…
selectors probed

Certificate (current)

RapidSSL TLS RSA CA G1
from 2026-02-10 to 2027-02-21
Expires in 261 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://howdenflex.it/howden-spa/shop/accounts/login/

present
  • strict-transport-security
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • missing Content Security Policy
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src 'self'; connect-src 'self' https://cdn.jsdelivr.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://cdn.jsdelivr.net; img-src 'self' data: blob:; font-src 'self' data: https://cdn.jsdelivr.net; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com;

Linked from (1)