indexo.dev

shiseido.it

.it crawl

First seen 2026-05-23 · Last seen 2026-06-01 · ok HTTP/1.1 200 1103 ms crawled 2026-05-28

US · 151.101.3.52 · AS54113 Fastly, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Skincare, make-up e fragranze di lusso | SHISEIDO
Description
Scopri skincare, make-up e fragranze SHISEIDO e vivi formule di lusso, risultati visibili e rituali esclusivi ispirati alla tradizione giapponese. Shiseido
Language
it
Canonical
https://www.shiseido.it/it/it/
Translations
  • en ×3

Technology

CDN
Amazon CloudFront
Server
fasterize
jQuery
3.5.1
Analytics
  • Google Tag Manager
Cookie consent
  • OneTrust
Third-party hosts loaded (17)
  • cdn.jsdelivr.net×3
  • 100014054.collect.igodigital.com×2
  • cdn.cquotient.com×2
  • try.abtasty.com×2
  • apps.bazaarvoice.com×1
  • cdn.cookielaw.org×1
  • cdn.evgnet.com×1
  • dcinfos-cache.abtasty.com×1
  • e.cquotient.com×1
  • lcx-embed.bambuser.com×1
  • widget.trustpilot.com×1
  • www.googletagmanager.com×1
  • www.paypal.com×1
  • www.shiseido.co.uk×1
  • www.shiseido.com×1
  • www.shiseido.me×1
  • www.youtube.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.register.it
  • ns2.register.it
MX
  • 10 mxa-0015f201.gslb.pphosted.com
  • 10 mxb-0015f201.gslb.pphosted.com
TXT
  • spf2.0/pra ip4:37.182.202.64/28 ip4:93.174.64.0/21 include:musvc.com ~all
  • wZL8N6rSQSvW0xh6iq78EDKS3NytVYZEP3OpoI820tB+BBbK3Q8jIL7RF9fZK2uYRuUmj/qzpjo7tCZqpLAA9w==
Verified for
  • Google
  • Meta
  • Microsoft 365

Email authentication partial

SPF
v=spf1 ip4:37.182.202.64/28 ip4:93.174.64.0/21 include:musvc.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-05-04 to 2026-08-02
Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.shiseido.it/it/it/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(self)
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' * tag.wknd.ai assets.bounceexchange.com api.bounceexchange.com dev.bounceexchange.com dash-staging.bounceexchange.com https://cdn.gbqofs.com/ https://connect.facebook.net https://www.google-analytics.com https://www.googletagmanager.com https://www.youtube.com; style-src * 'self' 'unsafe-inline' assets.bounceexchange.com; img-src * 'self' blob: data: assets.bounceexchange.com events.bouncex.net; font-src * 'self' data: assets.bounceexchange.com; child-src assets.bounceexchange.com; worker-src * 'self' blob: assets.bounceexchange.com; frame-src * 'self' assets.bounceexchange.com dash-staging.bounceexchange.com; form-action * 'self' api.bounceexchange.com dev.bounceexchange.com; connect-src * 'self' events.bouncex.net coupons.bounceexchange.com *.cdnwidget.com *.cdnbasket.net;
strict-transport-security
max-age=2592000; includeSubDomains

Links to (3)

Linked from (2)