hyllestad.kommune.no

HTML metadata

Technology

CMS

Joomla

jQuery

1.12.4 known XSS (<3.5)

Stack

ASP.NET

Third-party hosts loaded (2)

• cdn.jsdelivr.net×1
• www.firda.no×1

Social

• facebook

Contact

Email

• postmottak@hyllestad.kommune.no

Phone

• 57789500
• 91356149
• 90076320
• 57789557
• 47457272

DNS records live

NS

• ns1-auth.enivest.net
• ns2-auth.enivest.net

MX

• 50 hyllestad-kommune-no.mail.protection.outlook.com

TXT

• 9DjNToGinz7bH+5Hrr+dJXM846prmKk821sYvUbGL8DLGFRHCLJfFeyL7SGoEBuvoKB6GDZj21kGcdg+j0ilpA==
• aO3RlQay28e3x7KGXg0vzxohXoV9xNu3jROl0A3RRDA=
• DomainVerification=25BV4PVYV773MHCWAG53PZKM4GPTNLOEMMYQGR7HK3HWOI8BLTZ900SONZQFNP9W

Verified for

• Microsoft 365

Email authentication strong

SPF

v=spf1 include:1sxztxcf51.powerspf.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:33l7hrol4l@rua.powerdmarc.com; ruf=mailto:33l7hrol4l@ruf.powerdmarc.com; fo=1;

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bmMnLRNeR2e8kofG811R84oCTPAvYqd3GQov8TG8O0OZeW6KhAIyUHVBVjYr45ADg03xvHHX2ta4S…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCgkf7kYUhIVPmXViCdn6CmaqVwXXsKNWAYlrblvnXLGORMX2j2ibl20z5JDIcSO/PYU90EjlmXOqh…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.hyllestad.kommune.no/

present

• strict-transport-security
• content-security-policy
• x-frame-options

findings

• CSP uses wildcard sources
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (12)

• visbrosjyre.no×1
• uustatus.no×1
• sysikt.no×1
• mozilla.org×1
• microsoft.com×1
• kommunekart.com×1
• hyllestadinfo.no×1
• google.com×1
• foreningsportal.no×1
• fjordnorway.com×1
• facebook.com×1
• easycruit.com×1

Linked from (3)

• servicetorget.no×1
• hyllestadinfo.no×1
• sysikt.no×1