pedeus.ch
pedeus.ch
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Cookiebot
- Fonts
-
- Google Fonts
- Social widgets
-
- Vimeo Embed
Third-party hosts loaded (4)
- consent.cookiebot.com×1
- fonts.googleapis.com×1
- player.vimeo.com×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns01.one.com
- ns02.one.com
- MX
-
- 0 pedeus-ch.mail.protection.outlook.com
- TXT
-
mu4morr5un23ohesal39u6i1l0
- Verified for
-
Email authentication weak
- SPF
-
v=spf1 include:_custspf.one.com ip4:193.169.83.0/24 include:spf.protection.cyon.net include:spf.protection.outlook.com ip4:193.169.82.141 ip4:193.169.82.142 -allstrict (-all) - DMARC
- not published
- DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - k2:
Certificate (current)
R12
Expires in 51 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.google.ch/ads/ https://imgsct.cookiebot.com www.googletagmanager.com; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://paperform.co https://*.cookiebot.com; object-src 'none'; frame-src 'self' https://*; connect-src 'self' https://*.analytics.google.com https://*.cookiebot.com www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com- strict-transport-security
max-age=63072000; includeSubDomains
Links to (3)
- vimeo.com×1
- twitter.com×1
- linkedin.com×1