visitloano.it — domain check, WHOIS, DNS & reputation

HTML metadata

Title

Visit Loano - Il Portale turistico Ufficiale di Loano

Description

Scopri Loano: natura, outdoor, mare e gusto. Loano la vacanza che ti fa star bene, le migliori esperienze per la vacanza adatta a te

Language

it-IT

Generator

WordPress 7.0

Canonical

https://www.visitloano.it/

Translations

en ×2
it ×2

Feeds

Visit Loano » Feed RSS
Visit Loano » Feed dei commenti RSS

Open Graph

url: https://www.visitloano.it/
title: Visit Loano - Il Portale turistico Ufficiale di Loano
locale: it_IT
site name: Visit Loano
description: Scopri Loano: natura, outdoor, mare e gusto. Loano la vacanza che ti fa star bene, le migliori esperienze per la vacanza adatta a te
updated time: 2026-03-27T14:58:13+01:00

Technology

Server: nginx
CMS: WordPress 7.0
jQuery: 3.7.1

Cookie consent

Iubenda

Fonts

Google Fonts

Third-party hosts loaded (3)

fonts.googleapis.com×2
www.google.com×2
cdn.iubenda.com×1

Social

Contact

Phone

00308950096

DNS records live

NS

ns3.edicloud.it
ns4.edicloud.it

MX

10 mx.edinet.info

Verified for

Google

Email authentication partial

SPF: v=spf1 mx a include:edinet.info -all
strict (-all)
DMARC: v=DMARC1; p=none; pct=100; fo=1; rua=mailto:abuse@edinet.info; ruf=mailto:abuse@edinet.info; ri=86400
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

GoGetSSL RSA DV CA

from 2025-07-14 to 2026-08-14

Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.visitloano.it/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
content-security-policy: default-src *.edinet.info *.iubenda.com www.google.com www.gstatic.com http: https: ws: wss: data: blob: 'unsafe-inline' *.facebook.net *.google-analytics.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google.it *.google.com *.deskline.net *.forecast7.com weatherwidget.io *.outdooractive.com; frame-ancestors 'self' *.edinet.info; script-src 'self' *.edinet.info *.iubenda.com *.ampproject.org www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval' blob: *.facebook.net *.google-analytics.com *.googletagmanager.com *.googletagservices.com *.googlesyndication.com *.google.it *.google.com *.deskline.net *.forecast7.com weatherwidget.io *.outdooractive.com;
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (2)

instagram.com×1
facebook.com×1