indexo.dev

bertschi-baeckerei.ch

.ch crawl

First seen 2026-05-21 · Last seen 2026-05-21 · ok HTTP/1.1 200 913 ms crawled 2026-05-27

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Brot, Patisserie & Feingebäck | Bertschi Bäckerei
Description
Die Bertschi Bäckerei für frisches Brot, süsses und salziges Feingebäck, Patisserie und ultrafrische Sandwiches. Entdecken Sie unser vielseitiges Sortiment.
Language
de
Canonical
https://bertschi-baeckerei.ch/

Open Graph

title
Brot, Patisserie & Feingebäck | Bertschi Bäckerei
description
Die Bertschi Bäckerei für frisches Brot, süsses und salziges Feingebäck, Patisserie und ultrafrische Sandwiches. Entdecken Sie unser vielseitiges Sortiment.

Technology

CDN
Vercel
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • a.storyblok.com×4
  • www.googletagmanager.com×1

Social

Contact

Email
Phone
Address
Bertschi Bäckerei AGTalacherstrasse 20CH-8302 Kloten

DNS records live

NS
  • dns1.worldsoft-isp.net
  • dns2.worldsoft-isp.net
MX
  • 0 bertschibaeckerei-ch02b.mail.protection.outlook.com
TXT
  • GNXtG3r8vgfhyG8YNovI15qZqNvPsHmHrpccZjibNSqDfeNAFuIdVLmaGnlPTgngBqJPZ4qI+IpzPmXRmBk/Hg==
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:_spf.createsend.com include:spf.protection.outlook.com include:spf.emailsignatures365.com ip4:217.196.176.0/20 ip4:62.12.147.218 ip4:185.127.114.193 a mx -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCftvy1IGSCqeDECzbXdkhSMnk+zWtzLvvuBgIwVrRG9A2kS7zuI2DQv5jzu4+puWSJBzs22UMkm9R7ZuVO8…
selectors probed

Certificate (current)

R12
from 2026-05-24 to 2026-08-22
Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://bertschi-baeckerei.ch/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.google.com *.googletagmanager.com *.google-analytics.com *.google.ch *.gstatic.com *.storyblok.com *.app-us1.com *.doubleclick.net vitals.vercel-insights.com vercel.live *.smartlook.com *.smartlook.cloud va.vercel-scripts.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.typekit.net; font-src 'self' *.googleapis.com *.gstatic.com *.typekit.net; img-src * 'self' data: blob:; media-src * 'self' data:; connect-src 'self' *.storyblok.com *.google.com *.google.ch *.googletagmanager.com *.google-analytics.com *.gstatic.com *.typekit.net *.app-us1.com *.ytimg.com *.youtube.com *.doubleclick.net vitals.vercel-insights.com vercel.live *.googleapis.com data: blob: 'unsafe-inline'; frame-src 'self' *.google.com *.googleadservices.com *.google.ch *.youtube.com *.doubleclick.net vercel.live; frame-ancestors 'self' *.storyblok.com
strict-transport-security
max-age=63072000

Links to (8)

Linked from (1)