opeo.ch
HTML metadata
Technology
- Server
- nginx
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (1)
- www.googletagmanager.com×1
Social
Contact
- Phone
- Address
- Suisse
DNS records live
- NS
-
- ns11.infomaniak.ch
- ns12.infomaniak.ch
- MX
-
- 0 opeo-ch.mail.protection.outlook.com
- TXT
-
v=DMARC1; p=none; fo=1
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com include:_spf.ch-dns.net -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 39 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self' *.g.doubleclick.net *.google-analytics.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'nonce-iFVFtX9jLprzk_6P5jTYJsqqzi6af5o-pODHyt9vnlJHlgjDi7JLew' *.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.gstatic.com 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.gstatic.com; base-uri 'self'; frame-src 'self' *.google.com *.youtube-nocookie.com; style-src 'self' 'unsafe-inline' data: *.googleapis.com 'report-sample'; report-uri https://opeo.ch/@http-reporting?csp=report&requestTime=1780353208162220&requestHash=04628cd19ed11829dbac1132005a1bb12497c657
Links to (5)
- linkedin.com×1
- instagram.com×1
- hemmer.ch×1
- goutte.ch×1
- facebook.com×1