coop-pronto.ch

HTML metadata

Title

Einkaufen und Tanken - Coop Pronto | Coop Pronto

Description

Coop Pronto steht für das Schnelle und Frische von früh bis spät. Und dies in über 300 Coop Pronto Shops mit oder ohne Tankstelle.

Language

de

Generator

SEOmatic

Canonical

https://www.coop-pronto.ch/de

Translations

de
fr
it

Open Graph

url: https://www.coop-pronto.ch/de/
title: Einkaufen und Tanken - Coop Pronto
locale: de
site name: Coop Pronto
description: Coop Pronto steht für das Schnelle und Frische von früh bis spät. Und dies in über 300 Coop Pronto Shops mit oder ohne Tankstelle.
country-name: CH
locale:alternate: fr

Technology

Server: nginx

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Address: Hegenheimermattweg 65, 4123, Allschwill, Basel Land, Schweiz

DNS records live

NS

ch.pro.io
nl.pro.io
p.dnh.net

MX

10 cooppronto-ch01b.mail.protection.outlook.com

TXT

have-i-been-pwned-verification=dweb_0rmpgao2mrho4ihtassi8ekz
zfb8s4nn7zyvzsphjjyph8gm61g8k305

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:217.20.192.17 ip4:217.20.195.101 ip4:213.193.109.130 ip4:46.140.190.210 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email,mailto:re+3bb21f3aaf9a@inbound.dmarcdigests.com

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBLkPuPqdc612lAMXSLg5yzmknR34bkAABRIhYcCVL6VcCDQB6GCiYNG1boM+0zFhg/JSNVVSi8+c+Np7uAe…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlScxVFk+xXGZg397dYzquhz/C07FcOyHH3sGYDu518lvhHwgxt4BOID9vMsO5HTr3UHbZCD8PCvr61…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-06-10 to 2026-07-12

Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.coop-pronto.ch/de

present

strict-transport-security
content-security-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self' *.ateleris.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.braintainment.com *.ateleris.com *.recaptcha.net *.google-analytics.com *.googletagmanager.com *.tiqcdn.com *.usercentrics.eu *.facebook.net *.google.com *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.braintainment.com *.ateleris.com *.googleapis.com; font-src 'self' data: *.braintainment.com *.ateleris.com *.gstatic.com; connect-src 'self' *.braintainment.com *.ateleris.com *.craftcms.com *.usercentrics.eu *.google-analytics.com *.google.com *.doubleclick.net *.run.app *.conversionsapigateway.com *.facebook.com *.googleapis.com webpack://*; img-src 'self' *.braintainment.com *.ateleris.com *.usercentrics.eu data: *.facebook.com *.googleapis.com *.gstatic.com *.facebook.net *.googletagmanager.com *.google.ch *.ytimg.com *.coop.ch; frame-src 'self' *.facebook.com *.ateleris.com *.recaptcha.net *.usercentrics.eu *.doubleclick.net *.youtube-nocookie.com *.google.com;
strict-transport-security: max-age=31536000