vwfs.it — domain check, WHOIS, DNS & reputation

HTML metadata

Title

Finanziamenti, Assicurazioni, Manutenzione e Mobility | VWFS

Language

it

Canonical

https://www.vwfs.it/

Translations

it

Technology

CDN: Amazon CloudFront
Server: CloudFront

Third-party hosts loaded (6)

cms-assets.vwfs.com×34
apikeys.civiccomputing.com×2
cc.cdn.civiccomputing.com×2
cdn.bronson.vwfs.io×2
assets.adobedtm.com×1
cdn3.userzoom.com×1

Social

Contact

Phone

DNS records live

NS

dnsglb1.vwfsag.de
dnsglb2.vwfs.net

MX

5 vwfs-it.mail.protection.outlook.com

TXT

trustpilot-one-time-verification-id=eb88e09a-266f-47f5-9bf4-4fae5c95d140
M509BxNcQ5bnOr2YIWXC5lCsT4i+IWH0qRCcI1QL7RFBjkq9QxHFZt7+rGsDD1LtXrq9h9MtNAdBQZXTSHQ2bQ==

Verified for

Google
Meta
Microsoft 365

Email authentication strong

SPF

v=spf1 ip4:185.60.96.64/29 ip4:185.60.97.64/29 include:spf.protection.outlook.com include:sendgrid.net include:_spf.zucchetti.com mx:vwfs.it ip4:194.184.133.20 ip4:2.113.85.252 -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:volkswagenfs@rua.netcraft.com; ruf=mailto:volkswagenfs@ruf.netcraft.com

policy: quarantine

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qc97cdRurU3UX28CoAFJ3QueVv160SJFeHvPjvMfmJ+TI6MNi/gL9jNgNBXY5GX7YptzwWlOZqFz6wXb0…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLtOq+WcbLCPPpEahPFwLGKX1le3g2gx3pXBuJyKFIf7a65HgApgGveX5usMqnueQF0Rxt1F9HMDZPE/0zFbqvAB…

selectors probed

Certificate (current)

DigiCert QuoVadis 2G3 TLS RSA4096 SHA384 2023 CA1

from 2026-01-06 to 2027-01-06

Expires in 219 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.vwfs.it

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.cms.vwfs.tools; img-src 'self' data: https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://dev.day.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://maps.gstatic.com https://*.google.com https://www.google.de https://*.google.it https://*.googlesyndication.com https://*.googleadservices.com https://cm.g.doubleclick.net https://ad.doubleclick.net https://img.youtube.com https://i.ytimg.com https://*.userzoom.com https://*.adform.net https://www.facebook.com https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://t.co https://*.volkswagenbank.de https://cms-assets.vwfs.io https://cms-assets.vwfs.com https://smetrics.vwfs.it https://mediaservice.audi.com https://GISTPAEndpoint-Prod.azureedge.net https://default.vms.vwfs.io https://cdn.bronson.vwfs.tools https://cdn.bronson.vwfs.io https://gateway.zsclou
strict-transport-security: max-age=31536000; includeSubdomains; preload;