energy-startup-day.ch

HTML metadata

Technology

Server

Apache

CMS

Joomla

jQuery

1.11.1 known XSS (<3.5)

Analytics

• Google Tag Manager

Third-party hosts loaded (2)

• sibforms.com×2
• www.googletagmanager.com×1

Contact

Email

• info@energy-startup-day.ch

DNS records live

NS

• ns.hostpoint.ch
• ns2.hostpoint.ch
• ns3.hostpoint.ch

MX

• 10 mx1.mail.hostpoint.ch
• 10 mx2.mail.hostpoint.ch

Verified for

• Brevo

Email authentication partial

SPF

v=spf1 redirect=spf.mail.hostpoint.ch include:spf.sendinblue.com mx ~all

softfail (~all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400

policy: none (monitoring only) · sp=none

DKIM

• mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://energy-startup-day.ch/

present

• x-frame-options

findings

• missing HSTS
• missing Content Security Policy
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (17)

• zid-bernapark.ch×1
• zhaw.ch×1
• swissolar.ch×1
• startup-campus.ch×1
• sictic.ch×1
• sges.ch×1
• runway-incubator.ch×1
• qualtrics.com×1
• kuk-aarau.ch×1
• innovation-monitor.ch×1
• impacthub.ch×1
• female-founders.ch×1
• energiezukunft-forum.ch×1
• energate-messenger.ch×1
• electrosuisse.ch×1
• cleantech-alps.com×1
• axpo.com×1

Linked from (1)

• energiezukunft-forum.ch×1