coop-mineraloel.ch

.ch crawl

First seen 2026-05-23 · Last seen 2026-05-28 · ok HTTP/1.1 200 930 ms crawled 2026-05-28

CH · 217.20.192.17 · AS24951 EveryWare AG

Reputation 92/100 weak subdomain policy

Classifying

HTML metadata

Title

Coop Pronto AG - Herzlich willkommen - Coop Mineraloel

Description

Die Coop Pronto AG ist ein dynamisches und erfolgreiches Unternehmen der Coop Gruppe.

Language

Generator

TYPO3 CMS

Canonical

https://www.coop-mineraloel.ch/de/

Translations

Open Graph

title: Willkommen bei der Coop Pronto AG

Technology

Server: nginx
jQuery: 2.1.3 known XSS (<3.5)

Analytics

Google Tag Manager

Third-party hosts loaded (3)

libs.coop.ch×2
ajax.googleapis.com×1
www.googletagmanager.com×1

DNS records live

NS

ch.pro.io
nl.pro.io
p.dnh.net

MX

10 coopmineraloel-ch01b.mail.protection.outlook.com

TXT

XubHnd6InZgEC8FH0KaZRQVZFsLVV4c/62wXQYMTAZUOMZpDzI0NhZ34ZEnq5crYJVMSxljIhJLdZlPjEPML7g==

Verified for

Adobe
DocuSign
Microsoft 365
Miro

Email authentication strong

SPF

v=spf1 ip4:217.20.192.17 ip4:213.193.109.130 ip4:46.140.190.210 include:spf.protection.outlook.com include:_spf-dc2.successfactors.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; sp=none; rua=mailto:dmarc_agg@vali.email,mailto:re+4e08ae810b7f@inbound.dmarcdigests.com;

policy: reject (enforced) · sp=none

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfs0FDsWztSWRFvE0IC4WhVCUPuDo9zJHdgbF1ptHgJ9Fbl7ePZMTSEfAyY9N7qcxM3MtzJ7MbBPgn/IrT4T…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA244TeoocdSuCpg51QrVKOFgMJwmh6cYSv3M9YuCDGgzat+5GSxkhxdEbcoe0JkiJ/WoN2CsjelNsWA…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-11-18 to 2026-12-20

Expires in 200 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.coop-mineraloel.ch/de/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: same-origin
permissions-policy: geolocation=(self), camera=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval';
strict-transport-security: max-age=63072000; preload, max-age=63072000

Links to (2)

coop-heizoel.ch×1
coop-pronto.ch×1

Linked from (1)

microtom.com×1