benzeholz.ch
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
Social
DNS records live
- NS
-
- ns1.seantis.ch
- ns2.seantis.ch
- ns3.seantis.ch
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 83 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
base-uri 'self';block-all-mixed-content;child-src 'self' https://*.infomaniak.com https://*.vimeo.com https://*.youtube.com https://checkout.stripe.com https://pay.datatrans.com https://pay.sandbox.datatrans.com;connect-src 'self' *.sentry.io https://api.mapbox.com https://cdn.jsdelivr.net https://checkout.stripe.com https://geodesy.geo.admin.ch https://map.geo.bs.ch https://maps.zg.ch https://stats.seantis.ch/ https://wms.geo.admin.ch/ https://wmts.geo.bs.ch;default-src 'self';font-src 'self' data: http: https:;form-action 'self';img-src 'self' data: http: https:;object-src 'none';script-src 'nonce-FXdtjphYb9y80tvOw1msMA==' 'self' https://browser.sentry-cdn.com https://checkout.stripe.com https://js.sentry-cdn.com https://pay.datatrans.com https://pay.sandbox.datatrans.com https://stats.seantis.ch/;style-src 'self' 'unsafe-inline' https:- strict-transport-security
max-age=31536000; includeSubDomains
Links to (3)
- meggenhorn.ch×1
- meggen.ch×1
- github.com×1