hero.it

HTML metadata

Technology

Server

nginx

CMS

Drupal

PHP

8.3.27 security-only

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (4)

• fonts.googleapis.com×5
• fonts.gstatic.com×1
• static.addtoany.com×1
• www.googletagmanager.com×1

DNS records live

NS

• ns.hostpoint.ch
• ns2.hostpoint.ch
• ns3.hostpoint.ch

MX

• 10 hero-it.mail.protection.outlook.com

Verified for

• 1Password
• DocuSign
• Google
• Meta
• Microsoft 365
• TeamViewer

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:_u.hero.it._spf.smart.ondmarc.com -all

strict (-all)

DMARC

v=DMARC1; p=none; pct=100; sp=none; rua=mailto:a0a4f9e7@inbox.ondmarc.com; ruf=mailto:a0a4f9e7@inbox.ondmarc.com; adkim=r; aspf=r; fo=1; rf=afrf; ri=3600

policy: none (monitoring only) · sp=none

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+r+4RuHcdSifHBuBrPDXHy3VFMNc3LJsA6Inf9Y5GcIqGEkEfKkK2qIfip1QmuY6+h06g/O22rIzDEdXpeb…
• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://hero.it/

present

• strict-transport-security
• x-frame-options
• x-content-type-options

findings

• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (2)

• hero-group.ch×1
• corny.it×1

Linked from (1)

• hero.nl×1