indexo.dev

viewit.it

.it crawl

First seen 2026-05-28 · Last seen 2026-05-28 · ok HTTP/1.1 200 526 ms crawled 2026-05-31

IT · 185.205.41.113 · AS31034 Aruba S.p.A.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Expi4D: Interactive 3D Viewer for Events, Fairs, and Large Properties
Description
Discover Expi4D, the advanced 3D solution to explore, plan, and manage trade fair events, hotels, and complex properties. Detailed interaction, editing, 2D/3D CAD, setup management, and much more. Request a demo!
Language
en
Translations
  • de
  • en
  • it

Technology

Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.googleapis.com×2
  • fonts.gstatic.com×1
  • www.googletagmanager.com×1

Contact

Email
Phone

DNS records live

NS
  • dns1.ergonet-dns.com
  • dns1.ergonet-dns.it
  • dns1.ergonet-dns.net
MX
  • 10 mx01.ergonet.it
  • 10 mx02.ergonet.it
  • 10 mx03.ergonet.it
  • 10 mx04.ergonet.it

Email authentication partial

SPF
v=spf1 a mx include:_spf.ergonet.it include:servers.mcsv.net ?all
neutral (?all)
DMARC
v=DMARC1; p=none; rua=mailto:postmaster@viewit.it
policy: none (monitoring only)
DKIM
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed

Certificate (current)

R13
from 2026-04-17 to 2026-07-16
Expires in 45 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://viewit.it/st/en/index.html

present
  • strict-transport-security
  • content-security-policy
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin, no-referrer
content-security-policy
default-src 'self' * 'unsafe-inline' 'unsafe-eval' data: blob:; script-src 'self' * 'unsafe-inline' 'unsafe-eval' data: blob:; connect-src * 'unsafe-inline'; img-src 'self' * data: blob: 'unsafe-inline'; frame-src *; frame-ancestors *; style-src 'self' * 'unsafe-inline';
strict-transport-security
max-age=63072000; includeSubDomains; preload

Linked from (1)