obt.ch

HTML metadata

Technology

Server

nginx

Stack

PHP

Analytics

• Google Tag Manager

Third-party hosts loaded (1)

• www.googletagmanager.com×1

Social

• linkedin
• facebook
• instagram
• youtube
• threads

DNS records live

NS

• ns1.ip-plus.net
• ns2.ip-plus.net

MX

• 10 obt-ch.mail.protection.outlook.com

TXT

• mx-49a88dc73987704e
• MS=EC8D08D32E973C5B59E21DCBAC4293189EE62D40
• deepbox-verification=o1oJULOyPzxj2UNb7CCMlHrLmLq0cfrB_7J9bLdGtOA

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 mx a ip4:185.156.9.115 a:mail.ostendis.ch include:spf.mailxpert.ch include:_spf.sui-inter.net include:spf.abacuscity.ch ip4:164.128.36.0/24 ip4:185.156.11.50 ip4:185.156.8.32 ip4:185.156.11.2 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc_obt@obt.ch; adkim=s; aspf=s

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwI5C0yrHOTxhgRWxE8D/UlYgMqI4KpqEcF8M7wj3fRtag1GdNECHlq9C5zpeyD5GmGFO2dIEcGVMq…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.obt.ch/

present

• strict-transport-security
• x-content-type-options
• referrer-policy

findings

• missing Content Security Policy
• missing frame protection
• missing Permissions Policy

Links to (12)

• youtube.com×1
• threads.net×1
• spotify.com×1
• myobt.ch×1
• linkedin.com×1
• lepa.ch×1
• instagram.com×1
• figas.ch×1
• facebook.com×1
• expertsuisse.ch×1
• budliger.ch×1
• bakertilly.ch×1

Linked from (3)

• boom-tg.ch×1
• panorama.ch×1
• jets.ch×1