casfera.pl

HTML metadata

Technology

Server

nginx

CMS

WordPress 1.1.12 outdated (current 6.8)

jQuery

3.7.1

Analytics

• Piwik PRO

Fonts

• Google Fonts

Third-party hosts loaded (3)

• fonts.googleapis.com×4
• credit-agricole.piwik.pro×1
• fonts.gstatic.com×1

Social

• instagram
• facebook
• linkedin

DNS records live

NS

• dns1.credit-agricole.pl
• dns2.credit-agricole.pl

Verified for

• Google

Email authentication no MX

SPF

v=spf1 -all

strict (-all)

DMARC

v=DMARC1; p=reject;

policy: reject (enforced)

DKIM

Show 12 DKIM selectors

• default: v=DKIM1; p=
• google: v=DKIM1; p=
• selector1: v=DKIM1; p=
• selector2: v=DKIM1; p=
• k1: v=DKIM1; p=
• k2: v=DKIM1; p=
• mail: v=DKIM1; p=
• dkim: v=DKIM1; p=
• s1: v=DKIM1; p=
• s2: v=DKIM1; p=
• mxvault: v=DKIM1; p=
• smtpapi: v=DKIM1; p=

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.casfera.pl/

present

• strict-transport-security
• content-security-policy
• x-frame-options

findings

• CSP uses wildcard sources
• weak frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (4)

• credit-agricole.pl×1
• facebook.com×1
• instagram.com×1
• linkedin.com×1

Linked from (1)

• credit-agricole.pl×1