musikschule-horw.ch
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
Social
Contact
- Phone
DNS records live
- NS
-
- ch.pro.io
- nl.pro.io
- p.dnh.net
- MX
-
- 10 mail.musikschule-horw.ch
- Verified for
-
Email authentication weak
- SPF
-
v=spf1 include:_spf.sui-inter.net -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificates
Loading certificate
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
base-uri 'self';block-all-mixed-content;child-src 'self' https://*.infomaniak.com https://*.vimeo.com https://*.youtube.com https://checkout.stripe.com https://pay.datatrans.com https://pay.sandbox.datatrans.com https://www.publicjobs.ch/karriereseite/Schule-Horw/~art737;connect-src 'self' *.sentry.io https://api.mapbox.com https://cdn.jsdelivr.net https://checkout.stripe.com https://geodesy.geo.admin.ch https://map.geo.bs.ch https://maps.zg.ch https://stats.seantis.ch/ https://wms.geo.admin.ch/ https://wmts.geo.bs.ch;default-src 'self';font-src 'self' data: http: https:;form-action 'self';img-src 'self' data: http: https:;object-src 'none';script-src 'nonce-V/RG1vcJfXy03T1srw9oPQ==' 'self' https://browser.sentry-cdn.com https://checkout.stripe.com https://js.sentry-cdn.com https://pay.datatrans.com https://pay.sandbox.datatrans.com https://stats.seantis.ch/;style-src 'self' 'unsafe-inline' https:- strict-transport-security
max-age=31536000; includeSubDomains