bcvs.ch

HTML metadata

Technology

Server

Apache

jQuery

3.7.1

Third-party hosts loaded (1)

• code.jquery.com×1

Social

• facebook
• instagram
• linkedin
• youtube

Contact

Phone

• 0041848765765
• 0041800800765
• 0041589588383
• 0041317101215
• 0041589586978

DNS records live

NS

• dns1.swisscom.com
• dns2.swisscom.com
• dns3.swisscom.com

MX

• 10 bcvs-ch.mail.protection.outlook.com

TXT

Show 6 TXT records

• q7gbkjbyk1xmf4xpcmhz65dyb1f9m6kn
• _vsh361x0m8gq7px8ifzjzqjcp8oocp6
• _vfe2j5r7j29pyf0gjcwlx5x0t6pxg9i
• 0x7v9h39t35v4tw7x5csf432wn12265w
• _swisssign-check.bcvs.ch=dJYTQxEMykdIoQWy0JzUe09QILvYNZkwvuy2sgs5hQ
• _fskhampv5ahl7wdjtuituaaok6pyycl

Verified for

• Apple
• GlobalSign
• Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:80.80.229.247 ip4:212.203.79.34 ip4:213.221.153.167 ip4:138.190.126.36 include:spf.appmail.swisscom.com include:spf1.net4all.ch include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

v=DMARC1;p=none;pct=100;rua=mailto:dmarc-reports@bcvs.ch

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5el4JRKgXsuKaJUyZz+jFS2fxzL7rq/rXzmVEDIgSDv3h7ZEF9qV9GVcxYmULieo/4fsnlvvSqEAP…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.bcvs.ch/

present

• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (4)

• youtube.com×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1

Linked from (8)

• gilliarday.ch×1
• marathonvalais.ch×1
• grand-raid-bcvs.ch×1
• clubdecom.ch×1
• nanoxi.ch×1
• elium.ch×1
• ebas.ch×1
• fondationopale.ch×1