hesge.ch

HTML metadata

Title

HES-SO Genève | Je construis mon avenir avec une formation HES

Description

La HES-SO Genève offre des formations tertiaires de niveau universitaire axées sur la pratique professionnelle. Elle dispense des bachelors et masters.

Language

fr

Generator

Drupal 10 (https://www.drupal.org); Commerce 3

Canonical

https://www.hesge.ch/geneve/

Translations

fr

Open Graph

title: HES-SO Genève | Je construis mon avenir avec une formation HES
description: La HES-SO Genève offre des formations tertiaires de niveau universitaire axées sur la pratique professionnelle. Elle dispense des bachelors et masters.

Technology

Server: nginx
CMS: Drupal

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (4)

use.typekit.net×2
cdn.lordicon.com×1
www.google.com×1
www.googletagmanager.com×1

Social

Contact

Email

Phone

Address

Rue de la Tambourine 21227

DNS records live

NS

nsc21.infomaniak.com
nsc22.infomaniak.com
scsnms.switch.ch

MX

0 hesge-ch.mail.protection.outlook.com

TXT

Show 10 TXT records

swisssign-check=lN8xqjbKYnj41tYzcb3qzHpOk5g
easydmarc-verification:a1ecbe8e-10d8-4047-957a-8db28e566293
linkedin-site-verification=1a5a38ca-bf40-4b30-a90e-4b80049ce9bf
bw=9WMEJu2o/R0mGj21nfRxrc7hhuiFDpoBDq1atVeS+Ss1
MS=ms83163758
atlassian-domain-verification=aYKtSixbXwlPHiy4gDH8I8T0aZ9EwzsbtalUt1COkzv29aBRU9y/EvTo6YFC9wNu
swisssign-check=Co3eSezFQNS2z0l9qZax7zR-jkk
have-i-been-pwned-verification=eac069a3802cbdbb1fbc3adfa9d4ac69
swisssign-check=-nc1u8nkcYrCihdNoxSgiDayUaU
swisssign-check=SqGgYQEYbdNRR1Zu-ziwC42ki4o

Email authentication partial

SPF

v=spf1 include:_spf.hesge_ch._d.easydmarc.pro -all

strict (-all)

DMARC

v=DMARC1;p=none;rua=mailto:bdeb54cf89@rua.easydmarc.us;ruf=mailto:bdeb54cf89@ruf.easydmarc.us;fo=1;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RYaCBMe0JeP6a8UwYny8ul7T5qh1FqRJBMBzuxLqyU3H0cr/mTsk2g1W06dmtUYag+zMSFb5bCXiT…

selectors probed

Certificate (current)

SwissSign RSA TLS OV ICA 2022 - 1

from 2026-03-09 to 2027-03-09

Expires in 294 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.hesge.ch/geneve/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.lordicon.com *.google-analytics.com *.doubleclick.net *.googleadservices.com *.googletagmanager.com *.cloudflare.com; style-src 'self' 'unsafe-inline' *.typekit.net *.cloudflare.com; img-src 'self' data: cdn.lordicon.com *.google-analytics.com *.googletagmanager.com *.google.com *.google.ch *.doubleclick.net *.googleadservices.com *.linkedin.com *.facebook.com; frame-src 'self' *.youtube.com *.youtube-nocookie.com *.vimeo.com vimeo.com *.google.com *.google-analytics.com *.googletagmanager.com *.issuu.com; font-src 'self' *.typekit.net; connect-src 'self' cdn.lordicon.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.linkedin.com *.facebook.com; report-uri /geneve/report-csp-violation
strict-transport-security: max-age=3153600; includeSubDomains