indexo.dev

novotex.it

.it crawl

First seen 2026-06-02 · Last seen 2026-06-03 · ok HTTP/1.1 200 788 ms crawled 2026-06-03

DE · 52.28.201.254 · AS16509 Amazon.com, Inc.

Reputation 69/100 wrong cert dmarc monitor-only

Classifying

HTML metadata

Title
Novotex Italiana
Language
en-US
Generator
WordPress 3.6.1
Canonical
https://www.novotex.it/?lang=en
Translations
  • it
Feeds

Technology

Server
Apache
CMS
WordPress 3.6.1 legacy (latest 7.0)
Fonts
  • Google Fonts
Social widgets
  • LinkedIn Widget

Third-party hosts loaded (3)

  • fonts.googleapis.com×1
  • gmpg.org×1
  • platform.linkedin.com×1

Contact

Email
Phone

DNS records live

NS
  • ns1.desec.io
  • ns2.desec.org
MX
  • 20 mail.novotex.it
  • 20 mx1.novotex.it
  • 20 ntx-lnx-pmsrv.novotex.it
  • 20 pmg.novotex.it
TXT
Show 6 TXT records
  • 00Dbl000004gpob=1TBSY00000003KT
  • MS=110C68D6A4AFED2F8F54C4FB72ACB86FEEE2CB8F
  • linkedin-site-verification=34df4710-f43b-48c2-842b-8fa58e734708
  • ciscocidomainverification=575db91690c0183da6cd67f13b35b30a9af6c2bf678b0f514854e6d0c7d65f31
  • BPL=3085806
  • b8g4ptgp2ov38f0d9mjlasngnb
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 mx -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current) wrong cert

E7
from 2026-05-06 to 2026-08-04
Expires in 60 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.novotex.it/?lang=en

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
child-src 'self' www.youtube.com www.linkedin.com; connect-src 'self'; font-src 'self' fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com platform.linkedin.com www.linkedin.com; style-src 'self' 'unsafe-inline' www.gstatic.com fonts.googleapis.com; img-src 'self' secure.gravatar.com www.google-analytics.com; default-src 'self';
strict-transport-security
max-age=31536000; includeSubDomains;

Linked from (1)