loftleben.ch

HTML metadata

Technology

Server

Apache

CMS

Joomla

jQuery

1.10.1 known XSS (<3.5)

Analytics

• Google Tag Manager

Third-party hosts loaded (1)

• www.googletagmanager.com×1

Social

• facebook

Contact

Email

• info@dont-want-spam.loftleben.ch

Phone

• +41 81 720 35 20

DNS records live

NS

• dns10.pitsolutions.ch
• dns11.pitsolutions.ch
• ns1.azinova.ch
• ns2.azinova.ch

MX

• 0 loftleben-ch.mail.protection.outlook.com
• 10 loftleben.ch

Verified for

• Microsoft 365

Email authentication strong

SPF

v=spf1 ip4:138.201.253.78 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine

policy: quarantine

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kFBydsVPaPlcAcMIQxJF9aNL7IBKHwmRqDK2JBUShgKBjZ6uzVggjPm72Tn73P4S6cxzSidzVTwan…
• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0zQA5t/yMBZlHlCsEKUwQ8YAl5Uk9XCoGdAytL8w2/7gYvQdkt5XBlPAh3koBbNymzcMVQAhdyO0gZmDnUI…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPy6b4HK2oCEgkXHi0nnRIyLN8SXk+TrD5oNtu/xVVBSkplQvkqNEr+jtVEBifOhsHVksMvoDQ7ehH…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.loftleben.ch/

present

• strict-transport-security
• x-frame-options
• x-content-type-options

findings

• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (17)

• zieglertex.ch×1
• walenseeschiff.ch×1
• uptownmels.ch×1
• seekultour.ch×1
• sbb.ch×1
• htr-milestone.ch×1
• heidiland.com×1
• gotcourts.com×1
• flumserberg.ch×1
• facebook.com×1
• eventagentour.ch×1
• blogspot.com×1
• blogspot.ch×1
• azivita.ch×1
• azireal.ch×1
• azinova.ch×1
• altespinnerei.ch×1

Linked from (5)

• zieglertex.ch×1
• altespinnerei.ch×1
• azivita.ch×1
• azireal.ch×1
• azinova.ch×1