youngercard.it

.it crawl

First seen 2026-05-29 · Last seen 2026-05-31 · ok HTTP/1.1 200 467 ms crawled 2026-05-31

IT · 193.43.202.88 · AS31638 Lepida S.c.p.A.

Reputation 100/100

Classifying

HTML metadata

Title: Younger Card - 2026 - Home
Language: it

Technology

Server: Server
jQuery: 3.2.1 known XSS (<3.5)
Stack: ASP.NET

Fonts

Google Fonts

Third-party hosts loaded (4)

fonts.googleapis.com×2
cdn.rawgit.com×1
cdnjs.cloudflare.com×1
maps.googleapis.com×1

Social

Contact

Email

info@gllonardi.com

Phone

DNS records live

NS

ns1-09.azure-dns.com
ns2-09.azure-dns.net
ns3-09.azure-dns.org
ns4-09.azure-dns.info

Email authentication no MX

SPF: v=spf1 -all
strict (-all)
DMARC: v=DMARC1; p=reject; rua=mailto:1yvvdcpi@ag.eu.dmarcadvisor.com; ruf=mailto:1yvvdcpi@fr.eu.dmarcadvisor.com
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-05-25 to 2026-08-23

Expires in 84 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://youngercard.it/

present

strict-transport-security
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing Content Security Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=*, magnetometer=*, microphone=*, midi=*, navigation-override=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*, clipboard-read=*, clipboard-write=*, gamepad=*, speaker-selection=*, conversion-measurement=*, focus-without-user-activation=*, hid=*, idle-detection=*, interest-cohort=*, serial=*, sync-script=*, trust-token-redemption=*, window-placement=*, vertical-scroll=*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (7)

Linked from (3)