msd.ch
msd.ch
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
Third-party hosts loaded (3)
- cdn.cookielaw.org×2
- gmpg.org×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns-1059.awsdns-04.org
- ns-123.awsdns-15.com
- ns-1916.awsdns-47.co.uk
- ns-779.awsdns-33.net
- TXT
-
Show 4 TXT records
pp31zylz10c7y1wb08vpf72hbsdflr5wv=spf2.0/pra mx a ip4:81.91.104.0/24 ~all4ldlxfr6b4k8kw9w2nr74cpxsg5grq3bMeTGOqavFpJHTXthvgJ9bV8mKyzhppwi1UU7//0uiN1up4poxVnpxnM7160koS+WB1i+vP+LfQ2IIMreCo6zCg==
- Verified for
-
- Meta
- Microsoft 365
Email authentication no MX
- SPF
-
v=spf1 -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:dcm_rua_reports@merck.com; ruf=mailto:dcm_ruf_reports@merck.compolicy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 32 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- missing Permissions Policy
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'self' 'unsafe-inline' https:; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' https: data:; media-src 'self' https: data: blob:; object-src 'none'; font-src 'self' https: data:; default-src 'self' https: wss:; base-uri 'none';- strict-transport-security
max-age=31536000
Links to (10)
Linked from (8)
- healthdata.ai×1
- mymsd.ch×1
- msd-gesundheit.ch×1
- sva.ch×1
- seantis.ch×1
- shqa.ch×1
- lgbti-label.ch×1
- gsasa.ch×1