indexo.dev

mympk.ch

.ch crawl

First seen 2026-05-30 · Last seen 2026-05-30 · ok HTTP/1.1 200 483 ms crawled 2026-05-31

CH · 5.144.44.167 · AS50785 Netrics AG

Reputation 100/100

Classifying

HTML metadata

Title
myMPK - Login
Language
de

Technology

Server
nginx
Analytics
  • Google Tag Manager
Cookie consent
  • Usercentrics

Third-party hosts loaded (3)

  • privacy-proxy.usercentrics.eu×3
  • app.usercentrics.eu×1
  • www.googletagmanager.com×1

DNS records live

NS
  • ns1.netrics.ch
  • ns2.netrics.ch
MX
  • 0 mympk-ch.mail.protection.outlook.com
TXT
  • b3mb7hy27k5xckznc2063w8h65gq5b9l
  • QuoVadis=63005706-2690-4582-8bfd-caf596bcdcdf
  • swisssign-check=4YAa45v-nMOxr1wT-bRJcUUQxzQ
Verified for
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:spf.migros.ch -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:fadhncd0@ag.eu.dmarcian.com; ruf=mailto:fadhncd0@fr.eu.dmarcian.com;
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuRBnepnANmoFv5kk8zaoDL57vR8FTTIlOBpeSQneKwYAGMsjgWeVNLq69I+FeuM6njHDvoXJNoXVz…
selectors probed

Certificate (current)

SwissSign RSA TLS DV ICA 2022 - 1
from 2026-04-02 to 2026-10-17
Expires in 138 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://mympk.ch/login

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://sentry.intersim.ch https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://*.google-analytics.com https://*.usercentrics.eu; font-src 'self' https://fonts.gstatic.com https://fast.fonts.net https://fonts.googleapis.com; connect-src 'self' https://sse.mympk.ch/.well-known/mercure https://www.mpk.ch https://sentry.intersim.ch https://*.google-analytics.com https://*.usercentrics.eu; object-src 'self'; style-src 'unsafe-inline' 'self' https://fast.fonts.net https://fonts.googleapis.com https://www.googletagmanager.com; img-src 'self' data: https://i.vimeocdn.com https://www.mpk.ch/ https://*.google-analytics.com https://www.googletagmanager.com https://fonts.gstatic.com https://*.usercentrics.eu; manifest-src 'self'; frame-src 'self' https://player.vimeo.com/ https://youtube.com/ https://www.youtube.com/ https://www.google.com/; media-src 'self'
strict-transport-security
max-age=31536000; includeSubDomains

Links to (1)

Linked from (1)