e-spirighc.ch
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
- Fonts
-
- Font Awesome
- Google Fonts
Third-party hosts loaded (2)
- fonts.googleapis.com×1
- use.fontawesome.com×1
DNS records live
- NS
-
- ns31.infomaniak.com
- ns32.infomaniak.com
- MX
-
- 5 mta-gw.infomaniak.ch
Email authentication weak
- SPF
-
v=spf1 include:spf.infomaniak.ch ?allneutral (?all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 84 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.googleapis.com https://use.fontawesome.com blob: https://cdn.jsdelivr.net https://*.scandit.com https://tbooking.ch ; img-src 'self' https://mdbootstrap.com https://documedis.hcisolutions.ch https://cellashop.ch data: ; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com data: ; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com data: ; object-src 'self' blob: ; connect-src 'self' https://*.pharmedsolutions.ch https://cdn.jsdelivr.net https://*.scandit.com; frame-src 'self' https://forms.office.com;- strict-transport-security
max-age=15768000