dermapharm.dk

HTML metadata

Technology

CDN

Cloudflare

CMS

Joomla

jQuery

2.1.3 known XSS (<3.5)

Stack

ASP.NET

Analytics

• Google Tag Manager

Fonts

• Adobe Fonts

Third-party hosts loaded (4)

• ajax.googleapis.com×1
• assets.ingenco2.dk×1
• use.typekit.net×1
• www.googletagmanager.com×1

Social

• linkedin

Contact

Phone

• 45 86 47 77 44

DNS records live

NS

• john.ns.cloudflare.com
• kia.ns.cloudflare.com

MX

• 0 dermapharm-dk.mail.protection.outlook.com

Verified for

• Apple
• GlobalSign
• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com ip4:217.116.236.0/24 ip4:91.102.88.0/24 ip4:195.140.135.64/28 ip4:193.200.225.0/24 ip4:95.138.209.212 ip4:92.246.0.146 ip4:91.199.113.180 include:sendgrid.net ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQeWc/eMGUZijTbxSeUUzZPM3OLopIGEw1Pmr7bjwr98ktLFzBpGSoQ3UHW3Ql00fffeAVmb0h5c4+9y/MpD…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3icBf3wmdDqxZKSKHNn1vWFbuHCnJgemMaf1r/cO6JHPVg83FJOdpjkQImEQDyxowN61+9Yoq98onO51E3…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDwxJRHE1tTwrSsp2n/AhqWOBkFFq3DDLkVIwKK1GR0kR7lnYLaTUqypJtaLXkuy1s1IlR234rux/zH13bU1IS9Lw…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://dermapharm.dk/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (3)

• linkedin.com×1
• ingenco2.dk×1
• dermapharm-dk.com×1

Linked from (2)

• dermaofficial.com×1
• derma.dk×1