indexo.dev

finma.ch

.ch crawl

First seen 2026-05-13 · Last seen 2026-05-19 · ok HTTP/1.1 200 1665 ms crawled 2026-05-19

CH · 193.223.20.24 · AS3303 Bluewin

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Willkommen bei der Eidgenössischen Finanzmarktaufsicht FINMA | FINMA
Description
Willkommen bei der Eidgenössischen Finanzmarktaufsicht FINMA
Canonical
https://www.finma.ch/
Translations
  • de
  • en
  • fr
  • it

Open Graph

url
https://www.finma.ch/de/
title
Willkommen bei der Eidgenössischen Finanzmarktaufsicht FINMA
site name
Eidgenössische Finanzmarktaufsicht FINMA
description
Willkommen bei der Eidgenössischen Finanzmarktaufsicht FINMA

Technology

Server
Apache

Social

Contact

Email
Phone

DNS records live

NS
  • dns1.swisscom.com
  • dns2.swisscom.com
  • dns3.swisscom.com
MX
  • 10 mail.swisscom.com
  • 20 mail10.swisscom.com
  • 20 mail20.swisscom.com
TXT
Show 9 TXT records
  • swisssign-check=f4jCzy9J7_otiFvrVOy5IME4MCw
  • _5l4t0no8oyj05bp01to5ok91w1f0woe
  • swisssign-check=lIFhxOxVjfL_LkwHM-9OzXqrtK0
  • MS=EE19E0D56572EF7987DF6EE1F2E8FF9276D43A3D
  • ded1e99d-c82e-43bc-ba95-c9fb336a9d8c
  • cisco-ci-domain-verification=5c12291a899db1e52dbd8cf301e551c01ebef63e12436d3c5a088de3af2dbcd0
  • successfactors-site-verification=MWI1MDIzMjY1MThiNjY1ZWQwYmUyYjg3YWI5MWRiNDM0MmEzYTVkODhiM2E0Y2NjMTI2ODZjZGU5NmFmMDYxNg==
  • QuoVadis=e9a9ef70-6fb3-4885-91e0-26540ed654cb
  • mx-d25aea4f8d6664f5

Email authentication partial

SPF
v=spf1 include:spf.swisscom.com include:spf.finma.ch include:spf.appmail.swisscom.com include:spf.protection.outlook.com ip4:212.71.124.231 ip4:212.71.124.232 ip4:212.47.170.6 ip4:212.47.170.7 ip4:213.188.252.3 ip4:212.25.0.148 ip4:162.23.32.11 ip4:195.49.25.216 -all
strict (-all)
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:reports-rua@finma.ch; ruf=mailto:reports-ruf@finma.ch;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

SwissSign RSA TLS OV ICA 2022 - 1
from 2025-08-12 to 2026-08-12
Expires in 84 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.finma.ch/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
origin-when-cross-origin
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.finma.ch tag.myaspectra.ch fast.fonts.net fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' tag.myaspectra.ch fast.fonts.net *.twitter.com *.twimg.com *.google.com *.gstatic.com https://insights.finma.ch; img-src 'self' data: tag.myaspectra.ch *.twitter.com *.twimg.com https://insights.finma.ch; style-src 'self' 'unsafe-inline' fast.fonts.net fonts.googleapis.com *.twitter.com *.twimg.com; child-src 'self' *.refline.ch register.finma.ch portal.finma.ch; frame-src 'self' *.gstatic.com www.google.com *.refline.ch register.finma.ch portal.finma.ch *.vimeo.com jobs.finma.ch *.twitter.com *.twimg.com event.finma.ch; frame-ancestors 'self'; connect-src 'self' https://insights.finma.ch;
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (3)

Linked from (8)