spirig-healthcare.ch

HTML metadata

Title

Spirig HealthCare AG | Spirig Healthcare AG

Description

„Caring for people’s health“ lautet unsere Mission. Diese nehmen wir uns Tag für Tag zu Herzen.

Language

de-CH

Canonical

https://www.spirig-healthcare.ch/

Translations

de
fr

Open Graph

url: https://www.spirig-healthcare.ch/
title: Spirig HealthCare AG | Spirig Healthcare AG
site name: Spirig Healthcare AG
description: „Caring for people’s health“ lautet unsere Mission. Diese nehmen wir uns Tag für Tag zu Herzen.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Third-party hosts loaded (2)

d2bsmcxn1ktf42.cloudfront.net×27
www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS

ns1.opportunity.de
ns2.opportunity.de
ns3.opportunity.de

MX

50 stada-de.mail.protection.outlook.com

TXT

Show 5 TXT records

adobe-sign-verification=ea462ee0cdffdf5010f6dd8c7ca9cd4
tfhlK+BDZH8YA6nKLYOb4X7OK58IRM0No2p6ZBcLv8nEk3ZrGRYKd6FfMTwjM5/RVIHoQr5qyYH5ZFDs0f0Ktw==
iid-domain-verification=cd81fd7a-25d3-49a1-b188-c13ad3f10468
dtm-domain-verification=G68JDIjaVL1TcBOqXnVtkmAWDaohSrrwi2UXB6DhVVo
knowbe4-site-verification=b8e40aa6659fb5f105483dc72a3caec8

Verified for

Anthropic
Google
Google Workspace
Microsoft 365
OneTrust
TeamViewer

Email authentication strong

SPF

v=spf1 a mx ip4:130.214.193.83 ip4:130.214.193.93 ip4:130.214.193.78 ip4:130.214.193.85 include:_u.stada.de._spf.smart.ondmarc.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; fo=1; ri=3600; rua=mailto:9b1c90e3@inbox.ondmarc.com; ruf=mailto:9b1c90e3@inbox.ondmarc.com;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+JyR9TBYpnnFk2zMGKvqrfaaRAG53aH15DClvR8huZNoRTvWOX/FIIsrd/LULqvG07spFTTLjwAUz…

selectors probed

Certificate (current)

E8

from 2026-05-13 to 2026-08-11

Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.spirig-healthcare.ch/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: ALLOW-FROM https://www.docinside.ch
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src *; font-src 'self' d2bsmcxn1ktf42.cloudfront.net use.typekit.net; frame-src 'self' app.usercentrics.eu *.google.com *.youtube.com *.youtube-nocookie.com *.facebook.com insight.adsrvr.org; img-src 'self' d2bsmcxn1ktf42.cloudfront.net *.juicer.io dashboard.umbraco.org *.usercentrics.eu maps.gstatic.com maps.googleapis.com *.google-analytics.com bat.bing.com *.facebook.com *.kairion.de data:; media-src *; object-src *; script-src 'self' d2bsmcxn1ktf42.cloudfront.net ajax.aspnetcdn.com app.usercentrics.eu maps.googleapis.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.youtube.com bat.bing.com connect.facebook.net js.adsrvr.org *.kctag.net 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; manifest-src 'self' d2bsmcxn1ktf42.cloudfront.net;
strict-transport-security: max-age=31536000; preload