hkfoods.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- jQuery
- 2.2.4 known XSS (<3.5)
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (4)
- cdnjs.cloudflare.com×3
- code.jquery.com×1
- maxcdn.bootstrapcdn.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
Registration
- Registrar
- EuroDNS S.A.
- Created
- 2004-09-19
- Expires
- 2027-09-19 473 days left
- Updated
- 2024-03-19
- Name servers
-
- edns8.ultradns.biz
- edns8.ultradns.com
- edns8.ultradns.net
- edns8.ultradns.org
DNS records live
- NS
-
- edns8.ultradns.biz
- edns8.ultradns.com
- edns8.ultradns.net
- edns8.ultradns.org
- MX
-
- 0 hkfoods-com.mail.protection.outlook.com
- TXT
-
fE1/7d064e4JLpQovht685dkf6Ysnuc76ORMq/6CE4QYOGpOBm9CTuZ1FyzkQpDPziQXvPMPW8ucBPmF4uUeuw==successfactors-site-verification=YzExNWNjZmFjMDBlYmU1MDU0NzMwODAxZDRmMDEyMGU3OGYzYzBiYjE0NGU0YzFmNzEyYWE3ZjRiNDVmMTY3MA==
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:spf.elisanet.fi ip4:62.13.140.19 ip4:185.134.90.80 ip4:23.249.220.71 ip4:23.249.220.72 ip4:23.249.220.73 include:spf.lianamailer.com include:_spf.emaileri.fi include:_spf.cmail.ondemand.com include:_spf-dc33.sapsf.eu -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc.rua@hkfoods.com;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv26TX7qEx41epoC/jqQHueyu2EkGMw7raeIYVfTaOd0u7Qz9wLNZ5GaawJRy3m/qFaoCFw7ytVJw7s… - s1:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDH+wed5rewH/fV/dM8b8L9xtIc1g+/z7Pf0WjZm85YSTn617tyJys4O1kb3fZ27onUS6B9D/GfyBlIFgvSyEcQbm… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFyS9ZOebnslMCYZWd1GB3wnpACvwn20yTPfKFSfo/aXte9UiJkceEu7d0G6BXzCCrVWEgz2dS305oYTHuTC5Qko…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 57 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://www.hkscan.com https://consent.cookiebot.com https://service.giosg.com https://www.youtube.com/ https://rosekylling.activehosted.com/ *.cdn.jsdelivr.net/ https://old-viewer.paperturn-view.com https://www.paperturn-view.com https://www.paperturn-view.com/ 'nonce-/siTHJLXVMFu47HyWpa0wJYBBW6mT8l7dvTxjH8GRfI='; font-src 'self' https://use.typekit.net https://dhm5hy2vn8l0l.cloudfront.net https://cdnjs.cloudflare.com/ https://fast.fonts.net/ https://fonts.gstatic.com https://giosg-chat-public-eu.s3.amazonaws.com https://cdn.giosgusercontent.com; style-src 'self' 'unsafe-inline' https://p.typekit.net/ https://use.typekit.net/ https://service.giosg.com https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://fast.fonts.net/ https://fonts.googleapis.com https://cookiehub.net https://cdn.cookiehub.eu/; frame-src 'self' https://318.clients.giosgusercontent.com/ https://rosekylling.activehosted.com/ hr-manager.net/ htt- strict-transport-security
max-age=300; includeSubDomains
Links to (6)
- youtube.com×1
- x.com×1
- linkedin.com×1
- instagram.com×1
- inderes.com×1
- facebook.com×1