zuerilaufcup.ch

HTML metadata

Technology

Server

Apache

Third-party hosts loaded (3)

• monitoringapi.goldinteractive.ch×1
• www.facebook.com×1
• www.google.com×1

Social

• facebook
• instagram

DNS records live

NS

• ns5.nine.ch
• ns6.nine.ch

MX

• 10 mx1.nine.ch
• 10 mx2.nine.ch

TXT

• swisssign-check=LqezMSwXCmyLK8cEzaho2XJV3eI

Email authentication partial

SPF

v=spf1 include:_spfip.aspectra.com include:_bulk-spf.datasport.com -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.zuerilaufcup.ch/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• referrer-policy

findings

• short HSTS max-age
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing content type protection
• missing Permissions Policy

Links to (12)

• zkb.ch×1
• zh.ch×1
• wearepepper.ch×1
• swisslos.ch×1
• sponser.ch×1
• outdatedbrowser.com×1
• instagram.com×1
• facebook.com×1
• datasport.com×1
• craftsportswear.ch×1
• bio-familia.com×1
• alphafoto.com×1

Linked from (1)

• datasport.com×1