indexo.dev

safebits.ch

.ch user

First seen 2026-06-02 · Last seen 2026-06-02 · ok HTTP/1.1 200 177 ms crawled 2026-06-02

CH · 82.197.162.20 · AS13030 Init7 (Switzerland) Ltd.

Reputation 100/100

sector tech type landing page

HTML metadata

Title
CryptPad: Collaboration suite, encrypted and open-source

Open Graph

url
https://safebits.ch/index.html
title
CryptPad: end-to-end encrypted collaboration suite
description
CryptPad: end-to-end encrypted collaboration suite

Technology

Server
Caddy

DNS records live

NS
  • merkur.geoweb.ch
  • merkur.holzapfel.ch
  • merkur.safebits.org
  • merkur.waldvogel.family
MX
  • 10 mail.netfuture.ch

Email authentication strong

SPF
v=spf1 mx a:relay.holzapfel.ch a:relay.netfuture.ch -all
strict (-all)
DMARC
v=DMARC1; p=reject; sp=reject; adkim=r; aspf=r; rua=mailto:dkim@netfuture.ch; fo=1:d:s; ruf=mailto:dkim@netfuture.ch
policy: reject (enforced) · sp=reject
DKIM
  • dkim: v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrrdUF3ogR00s2ePHUsuHOtooV0q021zqN08yBsmczDfc7IRvwoYYWpLUA9gPOfKgW/p…
selectors probed

Certificate (current)

E8
from 2026-04-08 to 2026-07-07
Expires in 26 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://safebits.ch/

present
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
Header values
referrer-policy
same-origin
permissions-policy
interest-cohort=()
x-content-type-options
nosniff
content-security-policy
default-src 'none'; style-src 'unsafe-inline' 'self' https://safebits.ch; font-src 'self' data: https://safebits.ch; child-src https://safebits.ch; frame-src 'self' blob: https://sandbox.safebits.ch; connect-src 'self' blob: https://safebits.ch https://sandbox.safebits.ch wss://safebits.ch; img-src 'self' data: blob: https://safebits.ch; media-src blob:; frame-ancestors 'self' https://safebits.ch; worker-src 'self'; script-src 'self' resource: https://safebits.ch
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin

Use this data via API

Everything on this page for safebits.ch is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/safebits.ch" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →