autobolli.ch
autobolli.ch
HTML metadata
Technology
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (3)
- res.cloudinary.com×2
- consent.cookiebot.com×1
- deep-impact-ag-res.cloudinary.com×1
Contact
- Phone
DNS records live
- NS
-
- ns.hostpoint.ch
- ns2.hostpoint.ch
- MX
-
- 10 mx1.mail.hostpoint.ch
- 10 mx2.mail.hostpoint.ch
Email authentication weak
- SPF
-
v=spf1 redirect=spf.mail.hostpoint.chmissing all - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 40 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
child-src 'self' blob:; connect-src 'self' ws: *.cloudinary.com https://deepimpact.eu.auth0.com/ https://amag-dev.eu.auth0.com/ https://amag-prod.eu.auth0.com https://connect.facebook.net https://www.facebook.com https://pp.m-4.ch https://pp.caymland.app https://pp.caymland.io/mtc/event https://pp.caymland.io/mtc.js https://pp.caymland.io/focus/1.js https://*.doubleclick.net https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleusercontent.com https://www.googletagmanager.com https://api.aiaibot.com https://*.cookiebot.com https://*.usercentrics.eu https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://cdn.jsdelivr.net https://www.carify.com https://*.carmarket.ch; default-src 'self'; img-src 'self' blob: data: https://*.doubleclick.net https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleusercontent.com https://www.google- strict-transport-security
max-age=63072000; includeSubdomains;