indexo.dev

baloisesession.ch

.ch crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 640 ms crawled 2026-05-30

CH · 149.126.0.67 · AS47302 cyon AG

Reputation 86/100 dmarc partial coverage weak subdomain policy

Classifying

HTML metadata

Title
Baloise Session | Home
Description
Magical concerts in a club table atmosphere.
Language
en
Generator
SEOmatic
Canonical
https://www.baloisesession.ch/en
Translations
  • de
  • en
  • fr

Open Graph

url
https://www.baloisesession.ch/en/
title
Home
locale
en
site name
Baloise Session
description
Magical concerts in a club table atmosphere.
country-name
CH
locale:alternate
de

Technology

Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Contact

Address
Grenzacherstrasse 79, 4058, Basel, Basel, Schweiz

DNS records live

NS
  • ns1.cyon.ch
  • ns2.cyon.ch
MX
  • 0 baloisesession-ch.mail.protection.outlook.com
TXT
  • mx-7c85bdceecc0af08
  • spf2.0/pra
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 ip4:212.90.192.22 include:spf.protection.outlook.com include:spf.nine.ch a:mx1.nine.ch a:mx2.nine.ch include:spf.mailxpert.ch -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:administrator@sessionbasel.ch,mailto:bc67d722@mxtoolbox.dmarc-report.com; ruf=mailto:administrator@sessionbasel.ch,mailto:bc67d722@forensics.dmarc-report.com; rf=afrf; sp=none; fo=1; pct=10; adkim=s; aspf=s
policy: quarantine · pct=10 · sp=none
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiWVYJojCw6AAhOGI1505avSp4YNaGcSv38g6nYe5e670/zfxi8ynXBZuEEIzOTSzSGGUVlkTQmxZs…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zq75GThgiSiteVhiL0Ap5xiRLA4Z3huB292F93rOsgVoESy8UjVtC0+d177nw6H0NJlRM0NNcse0h…
selectors probed

Certificate (current)

R13
from 2026-05-15 to 2026-08-13
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.baloisesession.ch/en

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.cookiebot.com *.doubleclick.net *.mailoskop.ch ; style-src 'self' 'unsafe-inline' ; font-src 'self' *.gstatic.com data:; connect-src 'self' *.doubleclick.net *.google-analytics.com *.cookiebot.com *.elfsight.com *.googletagmanager.com google-analytics.com googletagmanager.com edge.marker.io api.marker.io *.google.com; frame-src *.recaptcha.net *.doubleclick.net *.sibforms.com youtube.com https://www.youtube.com https://www.youtube-nocookie.com https://consentcdn.cookiebot.com https://embed.music.apple.com https://open.spotify.com ; style-src-elem 'self' 'unsafe-inline' inline *.googletagmanager.com fonts.googleapis.com ; img-src 'self' data: *.w3.org *.cookiebot.com *.googletagmanager.com *.google.ch *.gstatic.com *.google-analytics.com *.jsdelivr.net; report-uri /csp-log;
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (13)

Linked from (2)