frigemo.ch

HTML metadata

Technology

Server

nginx

CMS

Joomla

jQuery

2.2.4 known XSS (<3.5)

Third-party hosts loaded (1)

• ajax.googleapis.com×1

Contact

Phone

• +41584339111

DNS records live

NS

• ns1.fenaco.ch
• ns2.fenaco.ch

MX

• 0 fenaco-com.mail.protection.outlook.com

TXT

Show 5 TXT records

• knowbe4-site-verification=9d1f1795b6a36c782f7090d80a21a470
• mindmanager-verification=e85ac2da75d98222b155a12deb7005520c0555f0446f899184ca09a975dc9b6c
• knowbe4-site-verification=efc3aa74621905ef6e57d56cf054e8a8
• hLzrNj6jrpOybx5CSBOlIkymQwxcjIY6ZlHbgI9Mg86cfuM8lDVKyZrDJhyp2lK79elSaE2ErOPWiVihecnZKQ==
• PS4nJ7ja2Xulk4I/cBoVnMAwqRBEyoZC4vED7afkl8ca5c5Kddq3LnouSXBU9K+lLsuDSWyy5cmNK7x7kGy9/Q==

Verified for

• Cisco
• Microsoft 365
• Miro

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.fenaco.com ~all

softfail (~all)

DMARC

v=DMARC1;p=quarantine;rua=mailto:dmarc@fenaco.com;aspf=s;

policy: quarantine

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO4SzvoJWZ8wwHfi/XFntRiBMzC9KNlsf2SppmYIdTf/CDpZsTDlveOqoBOIcaYQIX+5sxBhcyfITA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.frigemo.ch/home/

present

• strict-transport-security
• x-content-type-options

findings

• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (4)

• regiofrites.ch×1
• knightlab.com×1
• frigemo-online.ch×1
• eiermaa.ch×1

Linked from (4)

• frigemo-online.ch×1
• regiofrites.ch×1
• fruechtebamert.ch×1
• alpiger-getraenke.ch×1