jost.co

HTML metadata

Technology

Server

nginx

CMS

WordPress

Fonts

• Adobe Fonts
• Google Fonts

Social widgets

• Vimeo Embed

Third-party hosts loaded (5)

• cdnjs.cloudflare.com×3
• fd.cleantalk.org×2
• fonts.googleapis.com×1
• player.vimeo.com×1
• use.typekit.net×1

Social

• linkedin
• instagram
• facebook

Contact

Phone

• 01212121212121
• 34121212121212
• +1-403-647-4380

Address

ST MDT MWT MPT|7x.Q 70 60 60 60|01212

DNS records live

NS

• dns1.registrar-servers.com
• dns2.registrar-servers.com

MX

• 10 mx1.privateemail.com
• 10 mx2.privateemail.com

TXT

• pinterest-site-verification=93bd3dd0b506c5b797e4ca5b0d792d23
• google-site-verification=kJPmTpAGfJyKWv9wcgIRKod0j6p9ZR8RNzACdQNv8c8

Email authentication weak

SPF

v=spf1 include:spf.privateemail.com ~all

softfail (~all)

DMARC

not published

DKIM

• default: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7YUy+qsGfAYymIPr+IxiryAW/GKVaJs1oe/SHvVZeCz768fXng17CyN/WPi7XAwmK9rN+uruXMe38Jn…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://jost.co/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• behance.net×1
• dribbble.com×1
• facebook.com×1
• instagram.com×1
• linkedin.com×1

Linked from (1)

• stomm.co.uk×1