indexo.dev

hansemerkur.ch

.ch crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 1183 ms crawled 2026-05-30

DE · 185.190.195.111 · AS206266 HanseMerkur Krankenversicherung AG

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Reiseversicherung online buchen | HanseMerkur
Description
Die beste Reiseversicherung für entspannte Ferien ☀️ – umfassend abgesichert in der Schweiz und auf Reisen weltweit. Jetzt beim Testsieger abschliessen✔️
Language
de-CH
Canonical
https://www.hansemerkur.ch/
Translations
  • de
  • en
  • fr
  • it

Open Graph

url
https://www.hansemerkur.ch/
title
HanseMerkur
description
Die beste Reiseversicherung für entspannte Ferien ☀️ – umfassend abgesichert in der Schweiz und auf Reisen weltweit. Jetzt beim Testsieger abschliessen✔️

Technology

Server
HM-HCP
Cookie consent
  • Usercentrics

Third-party hosts loaded (1)

  • app.usercentrics.eu×1

Social

DNS records live

NS
  • lars.ns.cloudflare.com
  • tani.ns.cloudflare.com
MX
  • 10 vamail01.hansemerkur.de
  • 10 vamail02.hansemerkur.de
  • 20 vamail03.hansemerkur.de
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com mx:hansemerkur.de -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • dkim: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8zEBZnM6aW6PhO22wSjp47g7mpkALv7RLn0U+0QKAmKyoFs0ZQFoBrnRiDTgR3B2U+zEii8/9+n9TptD5aNY…
selectors probed

Certificate (current)

RapidSSL TLS RSA CA G1
from 2026-04-22 to 2026-11-07
Expires in 159 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.hansemerkur.ch/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
connect-src 'self' *.tuerchen.com tuerchen.app *.tuerchen.app *.etracker.de *.etracker.com *.usercentrics.eu *.cmp.usercentrics.eu *.novomind.com *.ekomiapps.de *.google.de *.googleadservices.com *.google.com *.googlesyndication.com *.google-analytics.com *.doubleclick.net *.bing.net *.bing.com *.trbo.com *.quantserve.com *.hansemerkur-vertriebsportal.de *.hansemerkur.de *.fitrockr.com *.heyflow.com *.loyjoy.com *.moin.ai wss://bot.moin.ai *.qualtrics.com *.clarity.ms; default-src 'self'; font-src 'self' data: *.novomind.com font.gstatic.com *.tuerchen.app core.tuerchen.com *.loyjoy.com *.heyflow.cloud *.moin.ai; frame-ancestors 'self' *.hanse-merkur.de newapp.etracker.com app.etracker.com localhost *.hokify.de www.dwin1.com; frame-src 'self' blob: hansemerkur.happymo.re *.usercentrics.eu *.cmp.usercentrics.eu youtube.com *.youtube.com *.youtube-nocookie.com *.novomind.com *.kasko.io *.kaskocloud.com *.google.com *.trbo.com *.facebook.com *.pantumdetect.com *.awin1.com *.hansemerkur.d
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (11)

Linked from (5)