muehle-fraubrunnen.ch

HTML metadata

Technology

Server

nginx

jQuery

1.11 known XSS (<3.5)

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (2)

• fonts.googleapis.com×1
• www.googletagmanager.com×1

DNS records live

NS

• ch.ch-inter.net
• de.ch-inter.net
• nl.ch-inter.net

MX

• 0 muehlefraubrunnen-ch01e.mail.protection.outlook.com

Verified for

• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.sui-inter.net +mx +a -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:03fdd189@mxtoolbox.dmarc-report.com; ruf=mailto:03fdd189@forensics.dmarc-report.com; fo=1

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBM3kHSta83J6Hvg5xUkiWd3r0VTHAPkQI+Djw/+C5dY6VjJQ4dinCrqyD7uaNCRoC0JC/Q7jXDlzT/XPC58…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXRodA+ydl4z26VorQmCQhB1GJ8KzIgQHpHQcj6CnmAWX83b3pu/ub9St2XAvE5n+MYJA/rxiLuCgx…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.muehle-fraubrunnen.ch/

present

• strict-transport-security
• x-content-type-options

findings

• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (1)

• himmelblau.ch×1

Linked from (2)

• providebit.ch×1
• food4hope.ch×1