indexo.dev

boastyle.ch

.ch crawl

First seen 2026-05-29 · Last seen 2026-05-29 · ok HTTP/1.1 200 406 ms crawled 2026-05-31

CH · 149.126.4.122 · AS47302 cyon AG

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
boa
Description
Always excited for the new. Entdecke unsere offenen Stellen. Salon Willkommen in unserem einzigartigen boa style Salon in Meilen! Hier dreht sich alles um Kreativität, Pflege und Styling. Unser erfahrenes Team lässt Ihre Persönlichkeit erstrahlen. Lassen Sie sich von unserem (...)
Language
en-US
Canonical
https://boastyle.ch/
Feeds

Open Graph

description
Always excited for the new. Entdecke unsere offenen Stellen. Salon Willkommen in unserem einzigartigen boa style Salon in Meilen! Hier dreht sich alles um Kreativität, Pflege und Styling. Unser erfahrenes Team lässt Ihre Persönlichkeit erstrahlen. Lassen Sie sich von unserem (...)

Technology

CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • s3.amazonaws.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.cyon.ch
  • ns2.cyon.ch
MX
  • 0 mail.boastyle.ch

Email authentication weak

SPF
v=spf1 include:spf.protection.cyon.net -all
strict (-all)
DMARC
not published
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup0UcIQwxzY/P2Yt4VzPzCuJZ3EsEvJQU7/9zui8tus8Ww94oXb6A7eBFy99anT7NUu10yEmfpBf0n…
selectors probed

Certificate (current)

R13
from 2026-05-09 to 2026-08-07
Expires in 68 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://boastyle.ch/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.stutz-medien.dev; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.wordpress.org *.wp.com *.stutz-medien.dev *.googletagmanager.com *.google.com *.gstatic.com *.typekit.net load.nootiz.com https://s3.amazonaws.com https://*.list-manage.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' *.wp.com *.stutz-medien.dev *.googleapis.com *.typekit.net; img-src 'self' data: *.wp.com *.wordpress.org *.gravatar.com *.stutz-medien.dev; font-src 'self' data: *.stutz-medien.dev *.gstatic.com *.typekit.net *.typekit.com; frame-src 'self' *.stutz-medien.dev *.youtube.com *.google.com load.nootiz.com; frame-ancestors 'self'; media-src 'self' *.stutz-medien.dev; connect-src 'self' *.stutz-medien.dev *.google.com api.nootiz.com https://*.google-analytics.com; object-src 'none'
strict-transport-security
max-age=31536000

Links to (3)

Linked from (1)