misterimprese.it

HTML metadata

Technology

Server

Apache

jQuery

2.1.3 known XSS (<3.5)

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• maxcdn.bootstrapcdn.com×3
• s3-eu-west-1.amazonaws.com×3
• ajax.googleapis.com×1
• www.googletagmanager.com×1

DNS records live

NS

• ns1.eurodns.com
• ns2.eurodns.com
• ns3.eurodns.com
• ns4.eurodns.com

MX

• 10 mail.misterimprese.it

Verified for

• Stripe

Email authentication partial

SPF

v=spf1 a mx ip4:145.239.141.218 ip4:94.141.21.26 ip4:94.23.71.125 ip4:37.59.34.25 ip4:217.182.133.29 include:sendgrid.net -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none; fo=0;

policy: none (monitoring only) · sp=none

DKIM

Show 4 DKIM selectors

• default: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYRt3Mf1wfJDrpXPR4NslwqaQRRBEDiGtz/2aTHZ8Te1+T3O7auqou0qRaZ2B7rW219zxgG+8qQHO+XY0PD8…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs994L3Uxc1zfjngwOOtVcdRm/JcVKvMpOiLYjBnfm2swQjqsuoEKiJT+Yk9RuBicdJwhGocfck56HrHRY8…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDF0Hnb60IWBUnvGxYkEdXlwS7bOhkyrr83CQKKZwyVliB+Fn7FKH+Gp3YSwSuCiFmhJ9kPjI8AdG1wXemDsl77CV…
• smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.misterimprese.it/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (10)

• misterwhat.pt×1
• misterwhat.pl×1
• misterwhat.nl×1
• misterwhat.fr×1
• misterwhat.dk×1
• misterwhat.de×1
• misterwhat.com×1
• misterwhat.co.uk×1
• misterwhat-au.com×1
• jobbydoo.it×1

Linked from (1)

• c3studio.it×1