hammond.eu

HTML metadata

Technology

Server

Microsoft-IIS

ASP.NET

4.0.30319

jQuery

1.11.0 known XSS (<3.5)

Stack

ASP.NET

Third-party hosts loaded (1)

• ajax.googleapis.com×1

DNS records live

NS

• ns1.yourwebhoster.com
• ns2.yourwebhoster.com
• ns3.yourwebhoster.nl
• ns4.yourwebhoster.nl

MX

• 10 mx10.onlinemailscanner.com
• 20 mx20.onlinemailscanner.com
• 30 mx30.onlinemailscanner.com
• 40 mx40.onlinemailscanner.com

TXT

• hammondorgan.azurewebsites.net

Email authentication strong

SPF

v=spf1 ip4:109.71.54.24 +a +mx +ip4:109.71.52.35 +include:relay.mailchannels.net ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;sp=none;adkim=r;aspf=r;pct=100;fo=0;rf=afrf;ri=86400

policy: reject (enforced) · sp=none

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lXEeI9gaITZp+zi211sKC6B+bNW6eYFFvrs8/CxQB60DCRNMdCPkiOEJowSyOFtQkjTIl0jVHpRv+…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXt4ujd++YSZAV9h7Ai7M8fxh2l2k4mpnaHL4bQ8MHJTIA0mx4tYqIb99vbopdBDzMZNoceNxrcbC5Y2JW…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoLmQFLyzsXfFekR6HqsxU2989720ya3KvgPb5LQrP6/ruIrkH1MYc2UV7zhgrdExmxcLNsqUfplvGlMB4WtgeIq…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://hammond.eu/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (1)

• vimeo.com×1

Linked from (1)

• suzukimusic-global.com×1