lewine.be

HTML metadata

Technology

Server

Apache

jQuery

3.1.1 known XSS (<3.5)

Stack

PHP

Third-party hosts loaded (3)

• ajax.googleapis.com×2
• developers.google.com×1
• maps.googleapis.com×1

DNS records live

NS

• ns1.cloud.telenet.be
• ns2.cloud.telenet.be
• ns3.cloud.telenet.be

MX

• 0 d222690.b.ess.uk.barracudanetworks.com
• 10 d222690.a.ess.uk.barracudanetworks.com
• 99 lewine-be.mail.protection.outlook.com

TXT

• ngisaa0ncav5mf10e91e3c4fvn
• p2iniucd3v994pb7n36f0r07sg
• 7i4na3sqn2hno3nlc2jqkobrv8

Email authentication strong

SPF

v=spf1 include:_spf.mlsend.com ip4:91.183.59.53 ip4:89.41.54.69 include:mailgun.org include:spf.protection.outlook.com include:spf.mandrillapp.com include:spf.ess.uk.barracudanetworks.com include:_spf.mailersend.net include:spf.eu.exclaimer.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:rua+lewine.be@dmarc.barracudanetworks.com; ruf=mailto:ruf+lewine.be@dmarc.barracudanetworks.com

policy: reject (enforced)

DKIM

• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIOnIpdz79M113ypx1dHxQ4XBCmaAjFcJWeGWWmuxwxIBUPfPTMf/53aRt45jVm5Wvyn2z0EvaT2Y0…
• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDyVy154Ddet3qmsHP9xfCT4hffRoJiUxW0x2d7NtDjrJRct+ktUpaBqq65akn2Niav3ADd74M7PDRZh8Uh9wVP3lPGAWu…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://lewine.be/

present

• strict-transport-security
• x-frame-options

findings

• missing Content Security Policy
• weak frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (2)

• lewine.nl×1
• lewine.fr×1

Linked from (3)

• lewine.nl×1
• lewine.fr×1
• vino.be×1