merlinx.pl

HTML metadata

Technology

CDN

Cloudflare

CMS

WordPress 5.8.13 legacy (latest 7.0)

PHP

7.2 end of life

jQuery

3.6.0

Analytics

• Google Tag Manager

Fonts

• Font Awesome

Third-party hosts loaded (4)

• use.fontawesome.com×3
• www.googletagmanager.com×3
• gmpg.org×1
• s.w.org×1

Social

• facebook

Contact

Phone

• 1999999999

DNS records live

NS

• beth.ns.cloudflare.com
• theo.ns.cloudflare.com

MX

• 10 www150.your-server.de
• 20 www150.your-server.de

TXT

• google-site-verification_old=pf3rZe8-qQsQG3a6cmrZTsiVsgX5OFNhbUonH-preyk
• mojecertpl-site-verification-nJwTbabdJITpwjcN2EM9uIRxY9Q047Mf

Verified for

• Google

Email authentication partial

SPF

v=spf1 ip4:45.10.37.98 ip4:85.202.58.118 ip4:45.10.37.119 ip4:213.133.104.150 ip4:83.144.94.146 ip6:2a01:4f8:d0a:2111::2 -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYnnLSQwDGg1G7mA2KKWAWFTtlg45x0ukrntfZGltizVjbYYZ7HdG2S1OT4Xvmq+B9nkOpDV59BZDnBGTq…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QCSRC0Kb+H3yOaccWjp29bED4LubbMXrQsht3IRpjrNXYmpV6uVFSuHixTm03MZ0dAH3MtwAxHq/n6fbu…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.merlinx.pl/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (6)

• facebook.com×1
• mailerlite.com×1
• merlinx-cloud.com×1
• presscustomizr.com×1
• vcms.eu×1
• wordpress.org×1

Linked from (1)

• otds.de×1