merchantcreditcorp.co

HTML metadata

Technology

Server

LiteSpeed

CMS

WordPress 7.0

jQuery

3.7.1

Fonts

• Google Fonts

Third-party hosts loaded (3)

• fonts.googleapis.com×3
• fonts.gstatic.com×1
• gmpg.org×1

Contact

Email

• info@merchantcreditcorp.co

Phone

• +64 9 5244269
• +64 21 659310
• +64 210 267 9221

DNS records live

NS

• ns1.thewebhostserver.com
• ns2.thewebhostserver.com
• ns3.thewebhostserver.com
• ns4.thewebhostserver.com

MX

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

TXT

• v=DMARC1; p=none

Verified for

• Google

Email authentication weak

SPF

v=spf1 ip4:91.232.125.3 include:thewebhostserver.com ip4:162.252.83.202 ip4:95.215.224.58 ip4:91.232.125.67 ip4:103.13.242.194 +a +mx +ip4:167.86.88.57 +ip4:167.86.104.81 +ip4:162.221.188.250 +ip4:98.142.106.178 +ip4:192.110.214.1 +ip4:107.190.133.129 +ip4:107.182.162.21 +ip4:107.190.133.24 +ip4:107.190.133.25 include:relay.mailchannels.net -all

strict (-all) · multiple SPF records

DMARC

not published

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QDMvqZh84X1o0/W2eThItjk9nnA9NE9vNsw/6oN1IE3vhF54Rsp6sHeNVsGI2ALs5CvzlxjiHln+a…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.merchantcreditcorp.co/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (1)

• whatsapp.com×1

Linked from (1)

• dorf-hervest.de×1