mpk.ch

.ch crawl

First seen 2026-05-26 · Last seen 2026-05-30 · ok HTTP/1.1 200 3046 ms crawled 2026-05-30

CH · 84.16.79.160 · AS29222 Infomaniak Network SA

Reputation 92/100 no dmarc policy

sector finance type homepage

HTML metadata

Title: Migros-Pensionskasse - Home
Language: de

Technology

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (4)

privacy-proxy.usercentrics.eu×3
app.usercentrics.eu×1
www.google.com×1
www.googletagmanager.com×1

Contact

Email

Phone

+41 44 436 81 11

DNS records live

NS

ns1.mpk.ch
ns2.mpk.ch
nsc.brg.ch

MX

10 mpk-ch.mail.protection.outlook.com

Verified for

Adobe
Apple
DocuSign
Microsoft 365

Email authentication weak

SPF

v=spf1 ip4:84.16.79.134/32 ip4:62.2.176.70/32 ip4:81.18.19.26/32 ip4:146.67.238.0/27 ip4:31.11.29.203/32 ip4:31.11.29.204/32 include:spf.crsend.com include:spf.umantis.com include:spf.protection.outlook.com include:_spf-dc57.sapsf.eu -all

strict (-all)

DMARC

not published

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueWhMGrfqCwU3mpZ89Ifnm9pSrFni/lVj8qEBmtIKYCza86CuZkUOS/MrPu7z/LMTww6429oMQsGmd…

selectors probed

Certificate (current)

SwissSign RSA TLS DV ICA 2022 - 1

from 2026-04-30 to 2026-11-14

Expires in 167 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.mpk.ch/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
weak content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: ALLOWALL
x-content-type-options: nosniff, nosniff, nosniff
content-security-policy: default-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.google-analytics.com https://www.googletagmanager.com https://740.hci-is24.ch https://*.usercentrics.eu https://player.vimeo.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://unpkg.com/smg-layout-solution-loader@1.0/; font-src 'self' https://fonts.gstatic.com https://fast.fonts.net https://fonts.googleapis.com; connect-src 'self' https://*.google-analytics.com https://*.usercentrics.eu; object-src 'self'; style-src 'unsafe-inline' 'self' https://fast.fonts.net https://fonts.googleapis.com; img-src 'self' data: https://*.google-analytics.com https://www.googletagmanager.com https://*.usercentrics.eu https://api.qrserver.com; manifest-src 'self'; frame-src 'self' https://www.google.com/maps/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://vds.issgovernance.com https://pks-live.mpk.ch https://player.vimeo.com https://www.youtube.com https://youtube.com
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Links to (2)

mympk.ch×1
enable-javascript.com×1