norkind.ch

.ch crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 722 ms crawled 2026-06-01

US · 172.67.177.193 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Norkind Heimwaren Zürich — Norkind
Language: de

Technology

CDN: Cloudflare
CMS: Gatsby
Stack: PHP

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (4)

res.cloudinary.com×11
www.googletagmanager.com×2
chimpstatic.com×1
use.typekit.net×1

Social

Contact

Phone

DNS records live

NS

eva.ns.cloudflare.com
hank.ns.cloudflare.com

MX

10 mail.norkind.ch

Email authentication weak

SPF

v=spf1 a:norkind.ch mx ~all

softfail (~all)

DMARC

not published

DKIM

mail: v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4+kR9OHLGgm/zM861/sUeKg7btlSYbazAVpG20BNvDhmXSpskTmwLuTBfhk1z/fUEwM/IykuPBHPM0…

selectors probed

Certificate (current)

WE1

from 2026-04-21 to 2026-07-20

Expires in 48 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.norkind.ch/

present

content-security-policy
x-frame-options
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: font-src *.gstatic.com *.cloudinary.com *.fontawesome.com https://fonts.bunny.net https://cdnjs.cloudflare.com *.typekit.net https://upstream.heidipay.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com cloudinary.com *.cloudinary.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com norkind.us10.list-manage.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.c

Links to (1)

instagram.com×1

Linked from (1)

annelutz.ch×1