indexo.dev

nestlehealthscience.ch

.ch crawl

First seen 2026-05-15 · Last seen 2026-05-20 · ok HTTP/1.1 200 7348 ms crawled 2026-05-20

US · 151.101.130.133 · AS54113 Fastly, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Willkommen auf der Webseite Nestlé Health Science Schweiz
Description
Wir bieten eine breite Palette an Ernährungslösungen in unseren Bereichen Consumer Care und Medical Nutrition an | Nestlé Health Science
Language
de
Canonical
https://www.nestlehealthscience.ch/de
Translations
  • de
  • fr

Technology

Server
nginx
CMS
Drupal
jQuery
1.7.1 known XSS (<3.5)
Fonts
  • Font Awesome
  • Google Fonts
Third-party hosts loaded (8)
  • unpkg.com×3
  • fonts.googleapis.com×2
  • use.fontawesome.com×2
  • code.jquery.com×1
  • fonts.gstatic.com×1
  • repo.nestle.de×1
  • static.addtoany.com×1
  • www.nestlehealthscience.com×1

Social

DNS records live

NS
  • amsdns1.nestle.com
  • aoadns1.nestle.com
  • ctrdns1.nestle.com
  • eurdns1.nestle.com
TXT
  • 190c55e68ead4987958bd21153a20874
  • fastly-domain-delegation-kfubP6WfPLcvEzts-23032021
Verified for
  • Google

Email authentication no MX

SPF
v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email;
policy: reject (enforced)
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3X3bHO2ffxgcXLcGRtm81IxLxIMZ7nYycXSP5hLyfvo06N/M3MQpgvC+mf70b5aK8iLPMdD5GgVtG3yI3S…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvYQzOWdYuB59B/zW1RHy41TIgngXdQqh6K/0/u4xdpEw6LGTAvBiS9crgKsOObrG/IzboZXYVHPlEAEBAt7bRTy…
selectors probed

Certificate (current)

Certainly Intermediate R1
from 2026-05-17 to 2026-06-16
Expires in 26 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.nestlehealthscience.ch/de

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' *.cdn.cookielaw.org *.cookie-cdn.cookiepro.com *.onetrust.com *.mikmak.ai *.swaven.com data-eu.nestlehealthscience.ch https://*.qualtrics.com https://*.adimo.co https://*.adimouat.co https://4dvq37jqcg.execute-api.eu-west-1.amazonaws.com_; object-src *; style-src * 'self' 'unsafe-inline' *.cdn.cookielaw.org *.cookie-cdn.cookiepro.com *.onetrust.com *.mikmak.ai *.swaven.com https://*.adimo.co https://*.adimouat.co https://4dvq37jqcg.execute-api.eu-west-1.amazonaws.com_; img-src * 'self' *.mikmak.ai *.swaven.com *.static-swaven.com data: https:; https://siteintercept.qualtrics.com https://*.adimo.co https://*.adimouat.co https://4dvq37jqcg.execute-api.eu-west-1.amazonaws.com_; media-src *; frame-src * *.mikmak.ai *.swaven.com https://*.qualtrics.com https://*.adimo.co https://*.adimouat.co https://4dvq37jqcg.execute-api.eu-west-1.amazonaws.com_; frame-ancestors 'self' https://*.qualtrics.com; child-src *; font-src * 's
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31622400; includeSubDomains; preload

Links to (4)

Linked from (1)