credex.ch

.ch crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 534 ms crawled 2026-05-30

CH · 138.190.126.233 · AS3303 Bluewin

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Credit Exchange
Language: en

DNS records live

NS

ns1.bdm.microsoftonline.com
ns2.bdm.microsoftonline.com
ns3.bdm.microsoftonline.com
ns4.bdm.microsoftonline.com

MX

0 credex-ch.mail.protection.outlook.com

TXT

mscid=+GWuvmZ6gAJmbnmcNNUo48rir2dgYRWrDBAhip7VwXtev4Z4vFJPeVZtAB1Ff6mOJ5mLtsDnDiYYUbfiVDkAdg==
swisssign-check=AXDSnjGXHpNkJNvmNGa2SlyOpio

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:spf.swisscom.com include:27090773.spf10.hubspotemail.net -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8+tRR20O/ZL+Xu5p4Shw/JvJ4LvEo9zqLWBys1iWJ16zsib4Oxtx4B+qs1d2g5Ies6o+hQIm9AbvNme8xhx…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tpKidVbmagJ8w6gEGC+91Hx3JE+7sjoHZASEU/9AaBFmnmEcIivYlcrBpC54SmkwdbfSeOxaaf+Ts…

selectors probed

Certificate (current)

SwissSign RSA TLS DV ICA 2022 - 1

from 2025-10-03 to 2026-10-03

Expires in 125 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://identity.credex.ch/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DSCE.Web.MVC%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520phone%2520offline_access%2520api%26state%3DOpenIdConnect.AuthenticationProperties%253DE5ZmUKGTnptinxx4sWSaD96tCPPZkzXVnpX-TIkuvSGZH1ZQoaoXP9VnsbO8sy5X5j1LtVS5VuYiFU_vHI1or5F4LsIhKLHGgAsFAYwyXlCaVeR1%26response_mode%3Dform_post%26nonce%3D639157296148686599.ZDZiNDVlOTEtZTdiOS00ODhmLWE2YTktYTE5YmYyM2NlNDg1ZTJjOTAzMTQtMGMyMS00ZjZjLTgxMzEtMWUxODAxM2RkZWMx%26post_logout_redirect_uri%3Dhttps%253A%252F%252Fcredex.ch%252F%26redirect_uri%3Dhttps%253A%252F%252Fcredex.ch%252Fsignin-oidc%26x-client-SKU%3DID_NET462%26x-client-ver%3D8.0.2.0

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

missing HSTS
missing Permissions Policy

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';

Linked from (1)

creditexchange.ch×1