ae-sa.ch

HTML metadata

Technology

Server

Apache

jQuery

1.5.1 known XSS (<3.5)

Third-party hosts loaded (1)

• ajax.googleapis.com×1

DNS records live

NS

• ns1.infomaniak.ch
• ns2.infomaniak.ch

MX

• 1 aesa-ch0e.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:spf.infomaniak.ch -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:mailauth-reports@infologo.ch; ruf=mailto:mailauth-reports@infologo.ch

policy: none (monitoring only) · sp=none

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/KevaSApV5nPZt+T7ehOCw6+tGs7ECi4LOPSN+6MIbaWXFkw8VRmhh0M9hwQfXDqe6zBS8hR32Q+m…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/8lxdd1XUFIVIKuYYjBO1jBIA11DSlNuB5706MBxJZdGbhvg2TU+cnITooqqsjfn23IaGIKcxBqB7…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://ae-sa.ch/

present

• strict-transport-security

findings

• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Linked from (1)

• cirkla.ch×1