rbs.ch — domain check, WHOIS, DNS & reputation

HTML metadata

Title: RBS – Regionalverkehr Bern–Solothurn: Bahn & Bus im Takt
Description: RBS verbindet die Region mit Bahn und Bus – abgestimmte Fahrpläne, aktuelle Betriebslage & komfortables Reisen zwischen Bern und Solothurn.
Language: de
Canonical: https://www.rbs.ch/

Open Graph

url: https://www.rbs.ch/herzlich-willkommen-beim-rbs
title: Herzlich Willkommen beim RBS | RBS
locale: de

Technology

Server: Apache
CMS: Drupal

Analytics

Google Tag Manager

Third-party hosts loaded (3)

fahrplan.oevplus.ch×4
ereignisse.oevplus.ch×2
www.googletagmanager.com×1

Social

Contact

Phone

Address

Tiefenaustrasse 2, 3048, Worblaufen, Bern, CH

DNS records live

NS

nsa1.nts.ch
nsa2.nts.ch

MX

10 rbs-ch.mail.protection.outlook.com

TXT

Show 12 TXT records

eoej4gf2n6ov61u1rff0frci9o
swisssign-check=9Em92IM5Yn33sz93DGukh82bqKw
swisssign-check=X2jiNKjXwewSFQrBhz6IZ1m9xlE
jZ45pB4gUC990aXDlpjsMjFKwugA9YNYc080f34J73n4r6pDXeQFYJDsE7HDe2P8ITvK4jMAEE+H1qtMAVUaWg==
40kebhkjftlmmvni5bo2cpa0vb
bw=WEgd1BAu9IzGlP8BljHU3DLCyCl31iEcgl7M76UtoXyp
i0vainf82lt2hnm13sf6pq17b9
swisssign-check=3Wj5dvkRlcnLYFJTKeKBu3sYv04
oqvq24kdavq26f6h3s6n5dl7rs
DQiUS+NKNHChmS5x/uR1tg8WpfzvoMRX0J8tWpeLtfcR31+r/biYiJaBtsXBQ6DzlEuaYVTPDHnihQFe9UlW2g==
MS=8ACAA7A09053FA47B5864814F5E76A13FAF36AD6
swisssign-check=yEFd3x-yrkCb-PVr_WLKOkF70n4

Verified for

Google
Microsoft 365

Email authentication strong

SPF

v=spf1 ip4:212.103.84.103 ip4:5.148.171.174 include:spf.protection.outlook.com include:spf.emailsignatures365.com a:c.spf.service-now.com include:_spf.rexx-systems.com include:fdspfeuc.freshemail.io include:cemsc.net include:spf.protection.cyon.net -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:sicherheit.ict@rbs.ch

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMvweFQBqv0FzlvMc4h23d0l0YLpYLg+fB3/BlFSm5PO5+tiVl9Cd4yzDJPK2rrfVg1tQ4jcVOqjbHEjvaEX…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDN9eBvXgsj0X3hxmkxr0BdgYs8WTR1mWwTsSBlBVrkcPRBiOTQcb5vBKaoQpWhWybXec1jABOOu8AyoWxJbx…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-12-01 to 2026-12-02

Expires in 180 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.rbs.ch/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: *.oevplus.ch *.googletagmanager.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.cloudflare.com *.googletagmanager.com *.oevplus.ch cdn.jsdelivr.net maps.googleapis.com www.google.com unpkg.com connect.facebook.net www.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline' data: *.cloudflare.com *.googletagmanager.com *.oevplus.ch cdn.jsdelivr.net www.google.com fonts.googleapis.com unpkg.com; img-src 'self' data: *.googletagmanager.com i.ytimg.com maps.gstatic.com fahrplan.oevplus.ch maps.googleapis.com www.facebook.com; frame-src 'self' data: *.googletagmanager.com *.oevplus.ch *.sbb.ch ea.sendcockpit.com www.youtube.com geops.sh editor.mapset.ch cdn.knightlab.com www.google.com www.facebook.com; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' data: *.oevplus.ch *.googletagmanager.com *.google-analytics.com maps.googleapis.com www.facebook.com www.google.com; report-uri /report-csp-violation
strict-transport-security: max-age=31536000; includeSubDomains

Links to (2)

youtube.com×1
linkedin.com×1