giantleap.no

HTML metadata

Technology

CDN

Cloudflare

CMS

Joomla

jQuery

1.7.1 known XSS (<3.5)

Social

• linkedin

DNS records live

NS

• ns01.no.brand.one.com
• ns02.no.brand.one.com

MX

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

Verified for

• Google

Email authentication partial

SPF

v=spf1 ip4:46.255.16.6 ip4:176.34.247.212 include:_spf.google.com include:amazonses.com include:email.freshdesk.com include:4153011.spf07.hubspotemail.net ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:re+e1ebsvzqc9s@dmarc.postmarkapp.com; sp=none; aspf=r;

policy: none (monitoring only) · sp=none

DKIM

• google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj2ywSKotsaS1Jf/V8xow6njqbZTKyvblWF7f4GImaS49vGKh8++rHGN6b5lr7sC7llkI1iFm+974x…
• smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://giantleap.no/

present

• strict-transport-security
• content-security-policy
• referrer-policy

findings

• missing frame protection
• missing content type protection
• missing Permissions Policy

Links to (4)

• visma.com×1
• parksphere.net×1
• msolution.no×1
• linkedin.com×1

Linked from (1)

• vossparkering.no×1