moveon-luzern.ch

.ch crawl

First seen 2026-06-04 · Last seen 2026-06-04 · ok HTTP/1.1 200 1799 ms crawled 2026-06-04

CH · 80.74.155.70 · AS21069 METANET AG

Reputation 95/100 weak security headers

sector health type homepage

HTML metadata

Title

MOVEON-LUZERN | Fitness & Trainingcenter

Language

en-US

Generator

WordPress 7.0

Canonical

https://www.moveon-luzern.ch/

Feeds

Technology

Server: nginx
CMS: WordPress 7.0
jQuery: 3.7.1

Third-party hosts loaded (2)

cdn.canvasjs.com×2
www.google.com×1

Social

Contact

Phone

DNS records live

NS

ns1.divico.metanet.ch
ns2.divico.metanet.ch

MX

10 mail.moveon-luzern.ch

Email authentication strong

SPF

v=spf1 include:_spf.sui-inter.net +mx +a ~all

softfail (~all)

DMARC

v=DMARC1; adkim=s; aspf=s; p=quarantine

policy: quarantine

DKIM

default: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+yDrrJADTkpppot7DBe+W5qpqOZ/pXD1Bxd/H8gh0fX1zDXLcJ4ryBfxBTG7/PtX1nRk/XUHDi9TTpxtgxCgYMdmfK…

selectors probed

Certificate (current)

R13

from 2026-05-22 to 2026-08-20

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://www.moveon-luzern.ch/

present

permissions-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (8)

Linked from (1)

mygymapp.ch×1