kyos.ch
kyos.ch
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
Third-party hosts loaded (4)
- www.googletagmanager.com×2
- cdn.cookielaw.org×1
- gmpg.org×1
- www.google.com×1
Social
Contact
DNS records live
- NS
-
- ns1.infomaniak.ch
- ns2.infomaniak.ch
- MX
-
- 10 kyos-ch.mail.protection.outlook.com
- TXT
-
Show 5 TXT records
druide-validation-domaine=f6658aa127c9eb92ab5911fdd9e323a6Foxit-domain-verification=30f158a06a7ef984a051f475c1a8a93fBZdS01y/WnlC6bVZ1spjfwN87DVYTZxUDVVa5oNokvm2LUwxZ05UFOSXFYCjf++qvVonLKxRNh29tK+5skBfUA==hpe-greenlake-domain-verification=4b6c3877386b6a45647a614449717652737a78506574453468464648474c3736dtfXuJr7MN1rh+YwOhXnmatZih19P3sRzwEH2k3NSUVjJG2fRupkcruz2wq4niCLGIfRW6u0rUm4Fq7HoBevFw==
- Verified for
-
- Apple
- HashiCorp
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 mx ip4:212.147.68.133 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ip4:54.240.0.0/18 ip4:69.169.224.0/20 ip4:23.249.208.0/20 ip4:23.251.224.0/19 ip4:76.223.176.0/20 ip4:54.240.64.0/18 ip4:76.223.128.0/19 ip4:216.221.160.0/19 ip4:206.55.144.0/20 ip4:24.110.64.0/18 include:amazonses.com include:spf-de.emailsignatures365.com include:spf.protection.outlook.com include:spf.infomaniak.ch -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; pct=100; rua=mailto:kyos.rua@emailsecurity.merox.io,mailto:gt3pbtlw@ag.dmarcian-eu.com,mailto:dmarc_agg@vali.email; ruf=mailto:kyos.ruf@emailsecurity.merox.io,mailto:gt3pbtlw@fr.dmarcian-eu.com; sp=quarantine; adkim=s; aspf=s; fo=1policy: quarantine · sp=quarantine - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8mWweOZhedcQSoC47k0w1YoJWQ2Lw9jc8EYEuZblAk8nOav6Q0GKFpwI9DGaOGt6YY50lf+/HAy5BsuqBf2… - selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGWVpACCLStIMt7DVN1neWX/IzrHB4yEZl+Fw3PQVHHody9XPqcM7KGHgVhmwisQRoAiGkcPuRlfct5EJw0M…
selectors probed - selector1:
Certificate (current)
R12
Expires in 30 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(self),encrypted-media=(),fullscreen=(self),geolocation=(self),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),xr-spatial-tracking=(),gamepad=(),serial=()- x-content-type-options
nosniff- content-security-policy
base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://cdn.cookielaw.org https://www.google.com/recaptcha/api.js https://*.gstatic.com https://*.google-analytics.com https://cdn.leadinfo.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.cookielaw.org https://cdn.leadinfo.net; font-src 'self' https://fonts.gstatic.com; frame-src https://www.youtube.com https://player.vimeo.com https://www.google.com; object-src 'none'; connect-src 'self' https://*.google-analytics.com https://cdn.cookielaw.org https://collector.leadinfo.net https://collector4.leadinfo.net https://api.leadinfo.com https://www.google.com/recaptcha/api2/clr; media-src 'self'; form-action 'self';- strict-transport-security
max-age=63072000; includeSubDomains; preload- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
same-origin