dintandlaege.dk

HTML metadata

Technology

CMS

Joomla

jQuery

2.1.3 known XSS (<3.5)

Analytics

• Google Tag Manager

Cookie consent

• Cookiebot

Third-party hosts loaded (4)

• ajax.googleapis.com×1
• consent.cookiebot.com×1
• www.facebook.com×1
• www.googletagmanager.com×1

Social

• facebook
• linkedin

Contact

Email

• info@dintandlaege.dk

DNS records live

NS

• ns1.curanet.dk
• ns2.curanet.dk

MX

• 0 dintandlaege-dk.mail.protection.outlook.com

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.wehost.dk include:spf.dynamicweb-cms.com ip4:85.218.187.150 ~all

softfail (~all)

DMARC

v=DMARC1; p=reject;

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVaTaaR5sJYfhrHo3WAUxR9Zgx8FQzaxQBl+hg1umYxZ7o6T3U7+Rvcj+4EzPutL+rH3UquSvhE11LSdIVtz…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5eIjvZuITX2dFrkNnxBwtx6u2AGYgePnCdaSBUgHhhHBxJSel7mh3ZRltlyCQ8miGOl0e2jw+CQZhlMWS…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDBTtonBVg91JGVgmHL5PV87HToVQWQBqWvsHbgqHQLHkJ5jjWsdNXgbtlmH+enTxE30qNPlBI10FxY0xuzFIsNs…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.dintandlaege.dk/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• dintandlæge-erhverv.dk×1
• linkedin.com×1
• ingenco2.dk×1
• facebook.com×1
• buchs.dk×1

Linked from (1)

• dentalhealthwithoutborders.dk×1