umbriatourism.it

.it crawl

First seen 2026-05-11 · Last seen 2026-05-17 · ok HTTP/1.1 200 21573 ms crawled 2026-05-17

IT · 46.254.152.93 · AS203469 Puntozero S.c.a.r.l.

Reputation 100/100

Classifying

HTML metadata

Title

Tourism and holidays in Umbria: official website of the Umbria Region - Umbriatourism

Description

The official website of tourism in Umbria: travel proposals, events, offers, news to discover and experience Umbria.

Language

Canonical

https://www.umbriatourism.it/en/

Translations

Open Graph

url: https://www.umbriatourism.it/en/
title: Tourism and holidays in Umbria: official website of the Umbria Region - Umbriatourism
locale: en_US
site name: Umbriatourism
description: The official website of tourism in Umbria: travel proposals, events, offers, news to discover and experience Umbria.
locale:alternate: en_US

Technology

Server: nginx

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

DNS records live

NS

dns.technorail.com
dns2.technorail.com
dns3.arubadns.net
dns4.arubadns.cz

MX

1 smtp.google.com

TXT

actalis-dcv=ivcqi0ktp54u0mve28u9jdq4md

Verified for

Google
Meta

Email authentication strong

SPF

v=spf1 ip4:46.254.155.57/32 include:spf.protection.outlook.com include:musvc.com include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:admin@umbriatourism.it; ruf=mailto:admin@umbriatourism.it; sp=none

policy: quarantine · sp=none

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCanpInAL+wXPlKO2b8jcmE/9acabr7LwBhu2HpeiJhrm5wwzxo+Mlz0P3sXfro0BIGz09lbgMTVTVJbT7sIA…

selectors probed

Certificate (current)

Actalis Domain Validation Server CA G3

from 2025-07-29 to 2026-07-29

Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.umbriatourism.it/en/homepage

present

content-security-policy
x-frame-options
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; default-src 'self'; script-src 'self' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://www.google.com https://www.googletagmanager.com http://www.openlayers.org https://consent.cookiebot.com https://ajax.googleapis.com https://code.jquery.com https://www.gstatic.com https://s.adroll.com https://d.adroll.com http://*.facebook.net https://*.facebook.net https://unpkg.com 'unsafe-inline' 'unsafe-eval'; script-src-attr 'unsafe-inline'; style-src-elem 'self' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://cdn.iconmonstr.com https://use.typekit.net https://www.jqueryscript.net https://fonts.googleapis.com https://p.typekit.net 'unsafe-inline'; style-src-attr 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; img-src 'self' https://*.umbriatourism.it https://*.adroll.com https://*.openstreetmap.org https://*.openstreetmap.fr