netland.ch

HTML metadata

Technology

Server

nginx

jQuery

3.4.1 known XSS (<3.5)

Stack

PHP

Third-party hosts loaded (1)

• ajax.googleapis.com×1

DNS records live

NS

• ns1.netland.ch
• ns2.netland.ch

MX

• 10 mail.netland.ch

Verified for

• Google

Email authentication strong

SPF

v=spf1 include:_spf.netland.ch include:_spf.bexio.com +mx +a -all

strict (-all)

DMARC

v=DMARC1; p=reject;

policy: reject (enforced)

DKIM

• default: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50x4c5jL/Wf5GxRC8QPPQ+dgOtBg3wX5oPI9O7vDbX6pu5KN9Ht9P1Vo2TFpUlosjijorpnOBAuDxr0O4NZxK…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.netland.ch/

present

• strict-transport-security
• x-frame-options

findings

• missing Content Security Policy
• weak frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy