beyondbagatelle.com

.com crawl

First seen 2026-05-09 · Last seen 2026-05-15 · ok HTTP/1.1 200 2190 ms crawled 2026-05-15

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Beyond Bagatelle — Curated Voyages, Private Concierge & Partner Privileges
Description: Beyond Bagatelle is the private membership of The Bagatelle Group. Cultural voyages, curated events, partner privileges at leading hotels and lifestyle houses, and a personal concierge — all in one membership.
Language: en
Canonical: https://www.beyondbagatelle.com

Open Graph

url: https://www.beyondbagatelle.com
title: Beyond Bagatelle — The Exclusive Membership of The Bagatelle Group
description: Cultural voyages, curated events, partner privileges, and a private concierge — the exclusive membership of The Bagatelle Group.

Technology

CDN: Vercel
CMS: Wix

Third-party hosts loaded (2)

static.wixstatic.com×10
daksegwanachlhudyjiv.supabase.co×6

Social

Contact

Email

contact@beyondbagatelle.com

Address

Tübinger Strasse 12-16, 70178, Stuttgart, DE

Registration

Registrar

IONOS SE

Created

2025-02-26

Expires

2028-02-26 647 days left

Updated

2026-04-16

Name servers

ns1049.ui-dns.de
ns1087.ui-dns.org
ns1115.ui-dns.com
ns1117.ui-dns.biz

DNS records live

NS

ns1049.ui-dns.de
ns1087.ui-dns.org
ns1115.ui-dns.com
ns1117.ui-dns.biz

MX

0 beyondbagatelle-com.mail.protection.outlook.com

Email authentication weak

SPF: v=spf1 include:spf.protection.outlook.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-04-16 to 2026-07-15

Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.beyondbagatelle.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: camera=(), microphone=(), geolocation=(), payment=(self "https://js.stripe.com")
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://js.stripe.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://*.supabase.co https://static.wixstatic.com https://www.figma.com; media-src 'self' https://*.supabase.co blob:; connect-src 'self' https://*.supabase.co wss://*.supabase.co https://auth.beyondbagatelle.com wss://auth.beyondbagatelle.com https://api.stripe.com https://api.resend.com https://ldccwxanjhcbizhtmxtg.supabase.co https://*.ingest.de.sentry.io; frame-src https://js.stripe.com https://hooks.stripe.com; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (1)

instagram.com×1

Linked from (1)

bagatelle.com×1