mccormick.ch
mccormick.ch
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
- Fonts
-
- Google Fonts
Third-party hosts loaded (5)
- cdn.cookielaw.org×2
- fast.fonts.net×2
- fonts.googleapis.com×1
- fonts.gstatic.com×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns-1311.awsdns-35.org
- ns-147.awsdns-18.com
- ns-1984.awsdns-56.co.uk
- ns-588.awsdns-09.net
- MX
-
- 0 mccormick-ch.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:bfc1e8a5fb1c459@rep.dmarcanalyzer.com; ruf=mailto:bfc1e8a5fb1c459@for.dmarcanalyzer.com; pct=100; fo=1;policy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSNS0DH8JOwlX2fdlabA9JNHVfjDpsdzofuI8NJSvWCz0qJnM0oImvnwaP5fPxjdug39Sgy9i5c5hYujVUvX… - selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCV4II4B08E5DdGrHwrXuM6bx4yDYfR9JDrOR6f1jkTgtpwEIr9qLsFI9ZYWOxM92BmfgRgMZGKWl6ovjr641…
selectors probed - selector1:
Certificate (current)
GeoTrust TLS RSA CA G1
Expires in 48 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src https: 'self'; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: *; media-src blob: 'self' *; font-src 'self' data: *; connect-src 'self' *; child-src blob: 'self' *; block-all-mixed-content;- strict-transport-security
max-age=31536000