indexo.dev

berninaudit.ch

.ch crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 446 ms crawled 2026-06-02

CH · 194.56.188.104 · AS207143 hosttech GmbH

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
BerninAudit
Language
it-IT
Translations
  • de
  • it

Technology

Server
LiteSpeed
CMS
WordPress
PHP
8.2.31 security-only
jQuery
3.7.1

Third-party hosts loaded (2)

  • unpkg.com×2
  • cdnjs.cloudflare.com×1

Contact

Email
Phone

DNS records live

NS
  • ns1.hostserv.eu
  • ns2.hostserv.eu
  • ns3.hostserv.eu
MX
  • 10 berninaudit-ch.gate.seppmail.cloud
TXT
  • swisssign-check=w75q4HxlPNvDBxwN8GVkV4w2jSs
  • swisssign-check=HCvlaD0RcT73n8Dc-7yrlqR4FHE
Verified for
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:_spf.ch.seppmail.cloud include:mailgun.org -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100
policy: reject (enforced)
DKIM
  • default: v=DKIM1; k=rsa; s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWQUIICVzt74NWgieI3s4ohCYj1ZQRuhna86AmGI0VMfc2k4BWw8SWtRitv/z7DsXxDVEC…
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43YoUytryZbn2iMK+fufIAfZUcfojjCabfS+Kum8yLCtu88b4Shn2L8GD3CnMPbsct8taPNNh2nnJ5…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sAcEq7GmWC0jK/WCwNHc0o5q6+pGwywyrYACuS/WEI/LXFegktVEyHPadoFqXOaLruAuA8Xy4gH6u…
selectors probed

Certificate (current)

R12
from 2026-04-24 to 2026-07-23
Expires in 51 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://berninaudit.ch/

present
  • permissions-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (3)