kinaesthetics.ch

HTML metadata

Technology

Server

Apache

jQuery

1.11.3 known XSS (<3.5)

Fonts

• Google Fonts

Third-party hosts loaded (4)

• cdnjs.cloudflare.com×4
• maxcdn.bootstrapcdn.com×3
• ajax.googleapis.com×1
• fonts.googleapis.com×1

Social

• youtube

DNS records live

NS

• ns1.hosttech.ch
• ns2.hosttech.ch
• ns3.hosttech.ch

MX

• 0 kinaesthetics-ch.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication strong

SPF

v=spf1 ip4:195.141.94.12 include:spf.protection.outlook.com include:spf.nl2go.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@larete.ch;

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXIUaauN2YAxA0jdQ8zUWC1I0ca93NvryFVZWNDVgCgC00Tlm+VelssS9sysl2PIu9T8A+3NJnoSlV…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ugHGb2GA8/N8Tru9k3KKnMMXn6uDU0xItNq9EtVxz4xqsTzd6gexsFIalNaNZtct/dIVFJV2dj4uG…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.kinaesthetics.ch/

present

• strict-transport-security
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• missing Content Security Policy
• missing Permissions Policy

Links to (17)

• youtube.com×1
• youtu.be×1
• berufsprüfung-kinästhetik.ch×1
• wir-pflegen-zuhause.ch×1
• vimeo.com×1
• stiftung-lq.com×1
• recht.ch×1
• pflegetag.ch×1
• ost.ch×1
• odasante.ch×1
• kinaesthetics.net×1
• kinaesthetics.it×1
• kinaesthetics.dk×1
• kinaesthetics.de×1
• kinaesthetics.at×1
• hogrefe.com×1
• competence.ch×1

Linked from (10)

• kinaesthetics.it×1
• kinaesthetics.net×1
• kinaesthetics.de×1
• wir-pflegen-zuhause.ch×1
• kinaesthetics.dk×1
• berufsprüfung-kinästhetik.ch×1
• kinaesthetics.at×1
• bewegt.ch×1
• federbunt.ch×1
• lindenfeld.ch×1