gasthof-zimmermann.ch

HTML metadata

Technology

Server

nginx

PHP

8.3.31 security-only

jQuery

1.12.4 known XSS (<3.5)

Stack

PHP

Fonts

• Google Fonts

Third-party hosts loaded (6)

• fonts.googleapis.com×4
• cdn.jsdelivr.net×2
• fonts.gstatic.com×2
• cdnjs.cloudflare.com×1
• code.jquery.com×1
• www.facebook.com×1

DNS records live

NS

• ns.hostpoint.ch
• ns2.hostpoint.ch
• ns3.hostpoint.ch

MX

• 10 mx.gasthof-zimmermann.ch
• 10 mx2.gasthof-zimmermann.ch

Email authentication strong

SPF

v=spf1 a mx mx:mx.gasthof-zimmermann.ch mx:gasthof-zimmermann.ch ip4:152.53.23.195 ip6:2a03:4000:6c:c9:e4f6:f2ff:fe99:253b include:_spf.google.com include:spf.protection.outlook.com include:spf-a.outlook.com include:spf-a.hotmail.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:info@gasthof-zimmermann.ch; ruf=mailto:info@gasthof-zimmermann.ch;

policy: quarantine

DKIM

• default: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIA96pTH83xzyLGsBIbBCFX4IztQiQbGHUp1qdZym35MmQrwsqJRMUZCSi3IRtBU4ZeF8UtS3sdtahQyL6AUq…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.gasthof-zimmermann.ch/start.html

present

• x-frame-options
• x-content-type-options
• referrer-policy

findings

• missing HSTS
• missing Content Security Policy
• missing Permissions Policy

Linked from (1)

• fcrj.ch×2