abl.ch

HTML metadata

Technology

CMS

Gatsby

Social

• youtube
• facebook
• instagram
• linkedin

Contact

Email

• info@abl.ch

Phone

• +41412272929

DNS records live

NS

• ns1.arcade.ch
• ns2.arcade.ch
• ns3.arcade.ch

MX

• 0 gateway.spamcleaner.ch

Email authentication weak

SPF

v=spf1 a mx a:mail.visol.ch ip4:88.99.28.21 ip4:159.69.147.166 ip4:116.202.6.34 ip4:116.202.109.98 include:spf.protection.outlook.com ip4:46.22.20.85 ip4:46.22.20.86 include:servers.mcsv.net include:spf.mailpro.com include:spf-de.emailsignatures365.com include:_spf.psm.knowbe4.com a:smtp.mailomat.cloud -all

strict (-all)

DMARC

not published

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU1V4WUiPm9jIfP8YUbuCPfnijdJq67HYUuc+1UQHY7pQlX4TBoiT/Fnl9mGVW+FgeFRwbNJbe8dPRkY38BA…
• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.abl.ch/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources

Links to (4)

• youtube.com×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1

Linked from (4)

• industriestrasse-luzern.ch×1
• wohnwerk-luzern.ch×1
• imovatec.ch×1
• neubad.org×1