indexo.dev

nepomucenum.it

.it crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 455 ms crawled 2026-06-01

US · 104.21.48.101 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Pontificio Collegio Nepomuceno

Technology

CDN
Cloudflare
jQuery
1.11.0 known XSS (<3.5)
Stack
PHP
Fonts
  • Font Awesome
  • Google Fonts
Third-party hosts loaded (9)
  • o1.agendafarnosti.cz×17
  • www.agendafarnosti.cz×14
  • agendafarnosti.cz×9
  • fonts.googleapis.com×2
  • use.fontawesome.com×2
  • cirkevnistatistiky.cz×1
  • forms.agendafarnosti.cz×1
  • translate.google.com×1
  • www.facebook.com×1

Social

Contact

Phone

DNS records live

NS
  • ignacio.ns.cloudflare.com
  • molly.ns.cloudflare.com
MX
  • 10 402b6e8705600aa7.mx2.emailprofi.seznam.cz
  • 20 402b6e8705600aa7.mx1.emailprofi.seznam.cz

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-04-13 to 2026-07-12
Expires in 40 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://nepomucenum.it/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
unload=(self "https://www.facebook.com" "https://web.facebook.com" "https://staticxx.facebook.com" "https://static.xx.fbcdn.net")
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://booking.previo.app https://*.agendafarnosti.cz https://*.agendafarnosti.sk https://*.gemeindeagenda.at https://donator.cz https://*.fontawesome.com https://cirkevnistatistiky.cz https://js.stripe.com https://*.vaticannews.va https://*.jsdelivr.net https://*.cloudflare.com https://*.google.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.net https://*.facebook.com https://*.cloudflareinsights.com; frame-ancestors 'self' https://*.agendafarnosti.cz https://agendafarnosti.cz https://*.agendafarnosti.sk https://agendafarnosti.sk https://*.gemeindeagenda.at https://gemeindeagenda.at https://cirkevnistatistiky.cz;
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31536000
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Links to (25)

Linked from (1)