rpel.ch

HTML metadata

Technology

CDN

Cloudflare

CMS

Next.js

Third-party hosts loaded (1)

• storage.rpel.io×2

Social

• linkedin
• instagram
• github

Contact

Phone

• +41774512504

DNS records live

NS

• alex.ns.cloudflare.com
• jill.ns.cloudflare.com

MX

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

TXT

• google-site-verification=UGXIn41oa7HOScfirnTp507U6AKAavcF7_jSGGz02mc
• google-site-verification=nCNAQsKzOmXyge8JwVqsC8ETVanOjMHbIz31mgBITSw
• apple-domain-verification=c75ANLzlHmQmhqei

Email authentication partial

SPF

v=spf1 redirect=spf-permissive.mail.hostpoint.ch

no all qualifier

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv3l5PnfMmW6cvkDYn9dZbqmRSkx591faexgah0Wxb7TIGHIB4aLT78D+nNsDE7lB9fT6suK+begCHZ4oQ…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXiowRyittBK8hrTnZ8K6YE8aJj6FYMYuXmTGmD+fdUTi6sdlkszY5JphNYlZrUIyhrIVydry1UWBWmW+c…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://rpel.ch/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (13)

• docker.com×1
• github.com×1
• instagram.com×1
• linkedin.com×1
• medimile.app×1
• medusajs.com×1
• nextjs.org×1
• nodejs.org×1
• payloadcms.com×1
• postgresql.org×1
• reactrouter.com×1
• supabase.com×1
• tailwindcss.com×1

Linked from (1)

• sfak.de×1