clinton.se

HTML metadata

Technology

Server

nginx

jQuery

3.1.1 known XSS (<3.5)

Stack

PHP

Third-party hosts loaded (3)

• cdnjs.cloudflare.com×3
• cdn.jsdelivr.net×2
• cdn-cookieyes.com×1

Social

• facebook
• linkedin

Contact

Email

• info@clinton.se

Phone

• (+46) 8 549 00 860

DNS records live

NS

• a.ns.ip-only.net
• b.ns.ip-only.net
• c.ns.ip-only.net

MX

• 10 clinton-se.mail.protection.outlook.com

TXT

• upsales-customer-domain-verification=85af55e9dcb6bcef6634b87b65d2a4a1

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:kundspf.loopia.se -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:o3vunieb@ag.eu.dmarcian.com; ruf=mailto:o3vunieb@fr.eu.dmarcian.com;

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWSpoixOk2klnjixlc64/0FbH5NJUNNx8CQwGtNL1MYarWhMAnCjjm3QzWiq5cMLFNlWM855sPXTnR1RAET8…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.clinton.se

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (3)

• facebook.com×1
• linkedin.com×1
• maetpartner.se×1

Linked from (3)

• energipress.se×1
• maetpartner.se×1
• hydro2024.com×1