payback.it

HTML metadata

Technology

Server

nginx

CMS

Gatsby

Cookie consent

• OneTrust

Third-party hosts loaded (2)

• cdn.cookielaw.org×1
• www.google.com×1

Social

• facebook
• instagram
• youtube
• linkedin

Contact

Phone

• 07643140960

DNS records live

NS

• doug.ns.cloudflare.com
• ulla.ns.cloudflare.com

MX

• 10 mx.noris.de
• 10 mx.noris.net
• 42 fakemx.noris.net

TXT

• _kvhck2yvq3lk0c4hwyejxc6dps8aups
• _ygjbh1c3m7deg2n6eplukylvzmp5obk

Verified for

• GlobalSign

Email authentication strong

SPF

v=spf1 ip4:213.155.95.180 ip4:185.124.16.48/28 include:emarsys.net include:emsmtp.com ip4:194.77.111.20 include:send.serilab.eu include:t.contactlab.it include:musvc.com include:spf.qb-feedback.com include:bf.kaleyra.email ip4:156.54.128.78 ip4:156.54.128.210 include:spf.mag-news.it include:c.spf.service-now.com -all

strict (-all)

DMARC

v=DMARC1;p=reject;rua=mailto:dmarc@payback.net;adkim=r;aspf=r;rf=afrf;pct=100;

policy: reject (enforced)

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.payback.it/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options

findings

• CSP uses wildcard sources
• missing Referrer Policy
• missing Permissions Policy

Links to (6)

• youtube.com×1
• payback.net×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1
• adjust.com×1

Linked from (1)

• farmacialoreto.it×1