simap.ch
simap.ch
HTML metadata
Technology
- Server
- Secure
DNS records live
- NS
-
- dns.begasoft.ch
- dns.begasoft.net
- dns2.begasoft.ch
- dns2.begasoft.net
- MX
-
- 10 simap-ch.mail.protection.outlook.com
- TXT
-
Show 4 TXT records
mx-62b80b98d552d1b0q5mtkb9vjttpmgtthntttt0zmhbkn48781tc9z01cf3g5db9ls3gxyg5ymwwgp9q_z8wg2cp77hng7331lwsznwrrkvw2qzu
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 mx a include:spf.protection.outlook.com include:spf.smtp.net ip4:194.88.197.208 ip4:194.88.197.203 -allstrict (-all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9EceoMQmhpcS0wxRL7CvF46pu4hDtZU49ivyjQ72/6UXZKSBZ659inTnf+cAWbCvCYNcFEt8g/zye…
selectors probed - selector1:
Certificate (current)
DigiCert EV RSA CA G2
Expires in 122 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
report-uri /csp-report;base-uri 'self';default-src 'self';child-src blob:;worker-src 'self' blob:;connect-src 'self' www.simap.ch *.sentry.io insights.simap.ch;font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;frame-src 'self' *.youtube.com;frame-ancestors 'self';img-src 'self' data: blob: www.simap.ch;script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' insights.simap.ch;style-src 'self' 'unsafe-inline' simap.test fonts.googleapis.com dev.simap.ch;form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests- strict-transport-security
max-age=63072000