berghs.se

HTML metadata

Technology

Server

nginx

CMS

WordPress

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• ik.imagekit.io×6
• cdn.cookietractor.com×1
• files.imbox.io×1
• www.googletagmanager.com×1

Social

• facebook
• instagram
• linkedin
• youtube

Contact

Phone

• 08-587 550 00

DNS records live

NS

• ns1.dnshost.net
• ns2.dnshost.net

MX

• 100 aspmx2.googlemail.com
• 100 aspmx3.googlemail.com
• 40 aspmx.l.google.com
• 50 alt1.aspmx.l.google.com
• 50 alt2.aspmx.l.google.com

TXT

• MS=855D301D5AF6442B85886AF2D108C57856F217AA
• pardot_367051_*=c2014797438c37e2e158af21e4eb0564a66aef642458be650afcd908a3dfadc8

Verified for

• Zoom

Email authentication weak

SPF

v=spf1 ip4:31.208.167.2 ip4:167.89.86.50 include:spf.mailanyone.net include:_spf.google.com include:aspmx.pardot.com include:_spf.salesforce.com include:amazonses.com ~all

softfail (~all)

DMARC

not published

DKIM

• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZTCM8079B5VIB9SeGSHOw/zDE/MrHk2UcSYlCri6e3z4PAEQFfSTvKFL/CqgIu3argne80I1Ow6Bz5dic…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtvei1SRK3/sOI36UV6XEzuYQZcbZW8aPK0mJ/7UXeXLHsMBk6U7S9m+GU9eq4mFlupQ/cdJ1mwy2f1XR+tRJpjl…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.berghs.se/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (7)

• facebook.com×1
• frictionfestival.se×1
• instagram.com×1
• instructure.com×1
• linkedin.com×1
• stateofwordsfestival.se×1
• youtube.com×1

Linked from (1)

• etc-publications.com×1