ifh.no

HTML metadata

Technology

Server

nginx

CMS

WordPress 7.0

PHP

8.3.30 security-only

jQuery

3.7.1

Analytics

• Google Tag Manager

Cookie consent

• Cookiebot

Third-party hosts loaded (3)

• www.google.com×2
• consent.cookiebot.com×1
• www.googletagmanager.com×1

Contact

Email

• ifh@ifh.no

DNS records live

NS

• ns3.servetheworld.net
• ns4.servetheworld.net

MX

• 10 ifh-no.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.stwcp.net ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• default: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCr+VfZYwONzijN7Oo1MD0fIX3BmuIk0ZdwiWH7rOHW1fdTwL7sqstUr/5fBf7I1OPIPdf8kD1oUf0jrbTPMC4snbnSX…
• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZK6tZgYklIG+HLI8H2c4xtWNR9/EfCy6bZGYg0FsGf5Ma0MXbxO+1wOW5Ci22ItdmWIZUS5uTIp1w…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://ifh.no/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Linked from (1)

• somafotsoneterapi.com×1