indexo.dev

hecht-holzbau.ch

.ch crawl

First seen 2026-05-23 · Last seen 2026-05-31 · ok HTTP/1.1 200 1413 ms crawled 2026-05-28

US · 18.165.183.6 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
HECHT HOLZBAU AG :: Einzigartige Holzbaulösungen
Description
Hecht Holzbau AG ist das führende Holzsystembau-Unternehmen für individuelle und einzigartige Holzbaulösungen aus Schweizer Holz.
Language
de
Generator
Contens
Canonical
https://www.hecht-holzbau.ch/home

Open Graph

url
https://www.hecht-holzbau.ch/home
title
HECHT HOLZBAU AG : Einzigartige Holzbaulösungen
description
Hecht Holzbau AG ist das führende Holzsystembau-Unternehmen für individuelle und einzigartige Holzbaulösungen aus Schweizer Holz.

Technology

CDN
Amazon CloudFront
jQuery
3.7.1
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • cdn.cookiehub.eu×1
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.exenti.ch
  • ns2.exenti.ch
MX
  • 0 hechtholzbau-ch01c.mail.protection.outlook.com

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:servers.mcsv.net include:spf.creanet.ch include:cemsc.net -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed

Certificate (current)

Amazon RSA 2048 M04
from 2025-12-21 to 2027-01-20
Expires in 233 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.hecht-holzbau.ch/home

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(), microphone=()
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'self' https://fonts.gstatic.com/ https://*.typekit.net; script-src 'self' 'nonce-3EEEA58E549342E6B97956A35D55FD50' https://cookiehub.net https://maps.google.com/ https://*.opendatasoft.com https://www.google.com/recaptcha/api.js https://www.googletagmanager.com/gtag/js https://cookiehub.net https://*.bugherd.com/ https://www.privacybee.ch https://*.privacybee.io; style-src 'self' 'unsafe-inline' https://*.typekit.net https://cookiehub.net https://cdn.cookiehub.eu https://fonts.googleapis.com/ https://www.privacybee.ch https://*.privacybee.io; img-src 'self' data: https://*.creanet.ch https://img.youtube.com/ https://*.google-analytics.com https://maps.gstatic.com https://www.googletagmanager.com https://maps.google.com https://sidebar.bugherd.com/ https://*.cloudfront.net/assets/ https://bugherd-attachments.s3.amazonaws.com/; font-src 'self' https://use.typekit.net; frame-src 'self' https://biganto.com/ https://www.google.com https://*.youtube.com https://
strict-transport-security
max-age=31536000

Links to (19)

Linked from (10)