indexo.dev

volkswagen.ch

.ch crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 792 ms crawled 2026-05-30

US · 75.2.74.46 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Volkswagen Schweiz | Starten Sie Ihre Fahrt hier!
Description
Die offizielle Website von Volkswagen. Informationen zu aktuellen Modellen, Angebote & Aktionen, Kundenportal, Service und Zubehör.
Language
de
Canonical
https://www.volkswagen.ch/de.html

Open Graph

url
https://www.volkswagen.ch/de.html
title
Volkswagen Schweiz | Starten Sie Ihre Fahrt hier!
description
Die offizielle Website von Volkswagen. Informationen zu aktuellen Modellen, Angebote & Aktionen, Kundenportal, Service und Zubehör.

Technology

CMS
Gatsby

Third-party hosts loaded (5)

  • assets.volkswagen.com×15
  • feature-services.vwonehub.io×1
  • v1-539-7.mofa.feature-app.io×1
  • v3-115-2.gsl.feature-app.io×1
  • vw-tam.lighthouselabs.eu×1

Social

DNS records live

NS
  • a.portsdns.se
  • b.portsdns.net
MX
  • 10 volkswagen-ch.mail.protection.outlook.com
Verified for
  • Apple
  • Google
  • Meta
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:postmaster@volkswagen.ch
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWyQ1P3xd7Kg/JDB6924SddOPenj5D7HTrklET3FgMYIHTOTqyaB1p9zJy9axV2p0JjzufcTcql057Un0Com…
selectors probed

Certificate (current)

Amazon RSA 2048 M04
from 2025-07-15 to 2026-08-14
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.volkswagen.ch/de.html

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: blob: *; media-src https: data: blob: *; object-src 'none'; frame-ancestors 'none'; connect-src * data: blob: ; base-uri 'self'; upgrade-insecure-requests; font-src https: 'unsafe-inline' data: 'unsafe-inline'; worker-src * blob:;
strict-transport-security
max-age=31536000

Links to (12)

Linked from (6)