firststop.se

HTML metadata

Technology

jQuery

3.5.1

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• firststopassets.silkmoth.com×8
• www.googletagmanager.com×2
• kit.fontawesome.com×1
• maps.googleapis.com×1

Social

• youtube
• instagram
• facebook
• linkedin

Contact

Address

First Stop SE, Sjögatan 23, 852 34, Sundsvall, Sweden, 852 34, Sundsvall, Sundsvall, SE

DNS records live

NS

• ns1.register.be
• ns2.register.be
• ns3.register.be

MX

• 0 firststop-se.mail.protection.outlook.com

TXT

• IsH0SUVl1R7OnKyvV2w32dM2+XaQr3TpHL8AXwjM3r1FqaFky/qeahqka+FpB9IgrQ4BqWKxTsGEgr97pwLzLQ==
• c2HNQaV0AvpJHr74ARwIRge/jpOoB5VSQA/oiwcmJaimxOxX2X4XIWh3ror0w4S5UUYHQgrTtdQbtbUuons31g==

Verified for

• Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:mail.silkmoth.net include:emsd1.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:ra6tzf4g@ag.dmarcian.com; ruf=mailto:ra6tzf4g@fr.dmarcian.com;

policy: quarantine

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvGrtONSoAZ9bLTJt8N8ZJK+0LlXg0yxdhRdtUfTVgCvBHPVOhidE49o2CgHtdcG2PJ1p3gFMBuNJjqIXGxm…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://firststop.se/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources

Links to (5)

• youtu.be×1
• tyresonmywebsite.co.uk×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1

Linked from (2)

• dackcity.net×1
• bechabil.se×1