karate24.pl

HTML metadata

Technology

Server

Apache

CMS

Joomla

jQuery

1.11.1 known XSS (<3.5)

Fonts

• Google Fonts

Third-party hosts loaded (4)

• ajax.googleapis.com×1
• cdn.jsdelivr.net×1
• fonts.googleapis.com×1
• netdna.bootstrapcdn.com×1

Social

• facebook

DNS records live

NS

• dns.smarthost.pl
• dns2.smarthost.pl
• dns3.smarthost.pl

MX

• 0 karate24.pl

Email authentication partial

SPF

v=spf1 +a +mx +ip4:91.211.220.49 +ip4:91.211.221.102 +ip4:91.211.220.36 +ip4:91.211.222.33 +ip4:91.211.222.24 +ip4:91.211.222.80 ~all

softfail (~all)

DMARC

v=DMARC1 ;p=none

policy: none (monitoring only)

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TWSeEmk1tYzo5NBBi+N6cXeebTe4zqH/LlDCE/QdafrqCjP5MexPwDJtGVc/Kk+L/wIvLyZcxtfzH…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://karate24.pl/

present

• x-frame-options
• x-content-type-options
• permissions-policy

findings

• missing HSTS
• missing Content Security Policy
• missing Referrer Policy

Links to (1)

• facebook.com×1

Linked from (2)

• umlubartow.pl×1
• lubartow.pl×1