ncsports.ch
Technology
- Server
- nginx
DNS records live
- NS
-
- ns1.infomaniak.ch
- ns2.infomaniak.ch
- MX
-
- 5 mta-gw.infomaniak.ch
Email authentication weak
- SPF
-
v=spf1 include:spf.infomaniak.ch ?allneutral (?all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 49 days
HTTP security headers
- present
-
- content-security-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self' 'unsafe-inline' https://www.google.com/ https://*.qwerpy.com/ https://fonts.googleapis.com/ https://fonts.gstatic.com/; font-src https://fonts.googleapis.com/ https://fonts.gstatic.com/ 'self' data:; style-src-elem https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://*.qwerpy.ch/ https://*.ncsports.ch/ https://ncsports-frontend.swarm-scw.qwerpy.dev/; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://*.qwerpy.com/ https://www.google.com/; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://*.qwerpy.com/; connect-src 'self' https://jsonip.com/ https://*.qwerpy.com/ https://ipinfo.io/ https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com; frame-ancestors 'self'; frame-src 'self' https://*.youtube.com/ https://*.youtu.be/ https://*.vimeo.com/ https://*.google.com/
Linked from (5)
Use this data via API
Everything on this page for ncsports.ch is available as JSON from the indexo.dev REST & MCP API.
curl "https://indexo.dev/api/v1/domains/ncsports.ch" \ -H "X-API-Key: idx_..."