matkalaukut.fi

HTML metadata

Technology

CDN

Cloudflare

jQuery

1.11.0 known XSS (<3.5)

Stack

PHP

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (6)

• fonts.googleapis.com×1
• fonts.gstatic.com×1
• koffertonline.no×1
• kuffertonline.dk×1
• www.googletagmanager.com×1
• xn--resvskor-3za.se×1

Contact

Phone

• 559119-1225

Address

Östermalmsgatan 26A, 114 26, Stockholm, SE

Registration

Created

2016-01-26

Name servers

• ingrid.ns.cloudflare.com [technical check not done]
• ishaan.ns.cloudflare.com [technical check not done]

DNS records live

NS

• ingrid.ns.cloudflare.com
• ishaan.ns.cloudflare.com

MX

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

Email authentication partial

SPF

v=spf1 +a +mx +ip4:46.16.232.106 +include:_vsp.oderland.com +include:_spf.google.com +include:servers.mcsv.net include:_spf.rulemailer.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@rule.se; ruf=mailto:authfail@rule.se

policy: none (monitoring only)

DKIM

• google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVuYE4/7Ab42cgGtVd3hwLgo/q6ySAyq9lE1niOiTAfDphGOdWQb46RlHSpUh2kAH9L3GM/siBgUlC…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://matkalaukut.fi/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles

Links to (3)

• resväskor.se×1
• kuffertonline.dk×1
• koffertonline.no×1

Linked from (3)

• koffertonline.no×1
• kuffertonline.dk×1
• resväskor.se×1