igeho.ch
HTML metadata
Technology
- Server
- nginx
- PHP
- 8.3.30 security-only
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
Third-party hosts loaded (2)
- cdn.cookielaw.org×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns1-05.azure-dns.com
- ns2-05.azure-dns.net
- ns3-05.azure-dns.org
- ns4-05.azure-dns.info
- MX
-
- 10 mchgroup.mail.protection.outlook.com
- TXT
-
Show 4 TXT records
QKyPk1yICs9gK0c1YOyAz5HJyn6MdRQYm659Lg+Luqcci15Ryw5pAaYKAfbYU4yD88f+/PZpOAKjaPKOu+hQIA==0CAFDD32-AF88-42A5-A927-D185783216507/tBKVGd2n4fjyLBmR/sF+2c8+2Ud69iRpUADHPk92yNnUVE7vug4LTDypCwEedD0+VTlh5nHlDsnzVU3EZJLg==QuoVadis=ab65581c-0c41-4d57-a077-98ef81310054.
- Verified for
-
- Meta
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 mx ip4:194.124.202.1/23 mx:messe.ch include:amazonses.com include:spf.protection.outlook.com a:hosting.mch-group.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc-reports@mch-group.compolicy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAxejAFbTjJVLmCv5+VQTRG8zCMNcYo17BMMJBWlVmfp9OyUsr8+N0jA3mPRvK0yvXnB6ZZmqHW3jX… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50vXkDtxoquGOvXZ22vM5fuGACiPSB9fr/8lLY1C3Cq0M1VFwbhfixWB0wRlq+H4I2WPVOEVuEBeWC/JPL… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Db0ljM+lb25eSs20Z+ADivP2lXN6cHBGVF9FGIlACdenvdptLDodznjlyw9VLb/Ha8kI6JKhjrCOFoKvs…
selectors probed - selector1:
Certificate (current)
R13
Expires in 67 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
interest-cohort=()- x-content-type-options
nosniff- content-security-policy
default-src 'self';base-uri 'self';form-action 'self' https://forms.mch-group.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' static.hotjar.com *.salesforce.com https://formcycle.mch.digital https://forms.mch-group.com https://ajax.googleapis.com https://cdn.cookielaw.org https://cdn.jsdelivr.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.analytics.google.com *.g.doubleclick.net *.google.com pagead2.googlesyndication.com;style-src 'self' 'unsafe-inline' https://formcycle.mch.digital https://use.fontawesome.com;img-src 'self' data: https://mam.mch-group.com *.linkedin.com *.facebook.com https://cdn.cookielaw.org *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.analytics.google.com *.g.doubleclick.net *.google.com *.google.ch pagead2.googlesyndication.com img.youtube.com;font-src 'self' data: https://*.fontawesome.com;media-src 'self' https://mam.mch-group.com;connect-src 'self' *.hotjar.com *.hotjar.io static.hotja- strict-transport-security
max-age=31536000; includeSubDomains
Links to (15)
- aligro.ch×1
- apple.com×1
- emmi.com×1
- facebook.com×1
- hug-foodservice.ch×1
- ikea.com×1
- instagram.com×1
- liebherr.com×1
- linkedin.com×1
- lusini.com×1
- mch-group.com×1
- nespresso.com×1
- schaerer.com×1
- spotify.com×1
- youtube.com×1