invia.ch

.ch crawl

First seen 2026-05-21 · Last seen 2026-05-30 · ok HTTP/1.1 200 4129 ms crawled 2026-05-27

CH · 217.150.245.190 · AS29691 Nine Internet Solutions AG

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Mobilität für Graubünden | invia – öV Graubünden.
Description: invia fördert die Mobilität in Graubünden. Mit invia kommen Sie im öffentlichen Verkehr schneller und einfacher ans Ziel. invia – gemeinsam unterwegs.
Language: de

Open Graph

url: https://invia.ch/DE/home.html
title: Mobilität für Graubünden | invia – öV Graubünden.
site name: graubünden invia
description: invia fördert die Mobilität in Graubünden. Mit invia kommen Sie im öffentlichen Verkehr schneller und einfacher ans Ziel. invia – gemeinsam unterwegs.

Technology

Server: Apache
jQuery: 3.5.1
Stack: PHP

Third-party hosts loaded (2)

cdn.weglot.com×1
s3.amazonaws.com×1

Social

Contact

Email

info@invia.ch

Phone

+41 81 288 43 44

DNS records live

NS

ns.hostpoint.ch
ns2.hostpoint.ch
ns3.hostpoint.ch

MX

0 invia-ch.mail.protection.outlook.com

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:5.148.183.98/32 ip4:5.148.183.72/32 ip4:5.148.188.19/32 include:spf.protection.outlook.com include:spf.mail.hostpoint.ch a:mnc-mail.smsbox.ch -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

R12

from 2026-05-04 to 2026-08-02

Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://invia.ch/DE/home.html

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'nonce-YMm2wqGWzqqQoaDF3IvLPw==' 'unsafe-eval' 'sha256-hSrxDOhQqsfSysSVjG6nWmmZAAEQTcdg7sWJuTeQUOU=' https://cdn-cookieyes.com https://*.cookieyes.com https://*.facebook.com https://templates.nextbike.net https://cdn.weglot.com https://s3.amazonaws.com https://www.googletagmanager.com https://www.google-analytics.com https://connect.facebook.net https://invia.us21.list-manage.com https://static.landbot.io https://tracking.invia.ch https://unpkg.com https://players.yumpu.com https://www.yumpu.com https://youtube.com; style-src 'self' 'unsafe-inline' https://templates.nextbike.net https://cdn.weglot.com https://cdn.landbot.io https://www.googletagmanager.com https://fonts.googleapis.com; img-src 'self' data: https://cdn-cookieyes.com https://www.facebook.com https://www.googletagmanager.com https://storage.googleapis.com https://gr-invia.ch https://invia.ch https://www.google.ch https://*.tile.openstreetmap.org https://static.nextbike.net https://fon
strict-transport-security: max-age=63072000; includeSubDomains