zugestates.ch

HTML metadata

Title: Zug Estates Home
Description: Lebensraum entwickeln - nachhaltig Werte schaffen.
Language: de
Canonical: https://zugestates.ch/

Open Graph

url: https://zugestates.ch/
title: Homepage - zugestates
locale: de
site name: zugestates
description: Lebensraum entwickeln - nachhaltig Werte schaffen.
locale:alternate: en_US

Technology

Server: nginx

Analytics

Google Tag Manager

Cookie consent

Usercentrics

Third-party hosts loaded (4)

zes-bucket01.fra1.digitaloceanspaces.com×17
cdn.jsdelivr.net×4
web.cmp.usercentrics.eu×2
www.googletagmanager.com×1

Social

Contact

Email

info@zugestates.ch

Phone

+41 41 729 10 10

DNS records live

NS

ns1-36.azure-dns.com
ns2-36.azure-dns.net
ns3-36.azure-dns.org
ns4-36.azure-dns.info

MX

10 zugestates-ch.mail.protection.outlook.com

TXT

MS=B758A049C9B557D1AEAB86780063EEAEE5457D89
msfpkey=17enydk76o0e2we4z011ipea1
eHTIWpSW+ZibwwFG71S3ZzNOyb/ChL1gxINdVRvRBk4UmFKTuoMb57TpL9YX/m0fMlXPxbCCLu2TBE0sjJag1Q==

Verified for

Apple
Brevo
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.iway.ch include:mailing.eqs.com include:amazonses.com include:spf.cloud.ci-solution.com ip4:195.134.137.234 ip4:193.5.117.18 ip4:192.162.28.8 include:_spf.psm.knowbe4.com include:spf-de.emailsignatures365.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:fe2fia47@ag.eu.dmarcian.com;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCxx/Vg8bkipYfgNGsx5aoYKUgyAoYH0wQHfsWxNuZTNqh8J/IXNvCJkYPPzyeAIqB58s1qRupWAC2sulwLK…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T 14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR /5ey0nRBH0ZVxp+lsmTxid…

selectors probed

Certificates

Loading certificate

HTTP security headers

Header hygiene 80/100 Checked live page: https://zugestates.ch/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://www.zugestates.ch;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://maps.googleapis.com https://unpkg.com; script-src-elem 'self' 'unsafe-inline' https://js.stripe.com https://*.usercentrics.eu https://cdn.jsdelivr.net https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://maps.googleapis.com https://unpkg.com https://cdn.feedbucket.app/assets/feedbucket.js; script-src-attr 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://maps.googleapis.com https://unpkg.com; style-src 'self' https://cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/css/splide.min.css https://fonts.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://cdn.feedbucket.app https://cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/css/splide.min.css https://www.
strict-transport-security: max-age=15768000; includeSubDomains