noraliv.se

HTML metadata

Technology

Server

nginx

CMS

WordPress

Fonts

• Google Fonts

Third-party hosts loaded (2)

• fonts.googleapis.com×2
• fonts.gstatic.com×1

DNS records live

NS

• ns-cloud-d1.googledomains.com
• ns-cloud-d2.googledomains.com
• ns-cloud-d3.googledomains.com
• ns-cloud-d4.googledomains.com

MX

• 10 mail.wootemple.com

Email authentication partial

SPF

v=spf1 include:spf.wootemple.com include:sendgrid.net ?all

neutral (?all)

DMARC

v=DMARC1; p=none

policy: none (monitoring only)

DKIM

• mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5MKmb1rjplGX4tKwXaVfNes8Lr3DYg83CS/nf/nfeO+hKpVZDxKnOfnBJayxP4CAerVzRSxxdfIv2Q2U3C/…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP4FymlsYjfbV+NMPev6yCblTTh/qatdWtZMeDVY/xnEHe/15PQhLfoYoVbOJBWEZZUCY6ymtPSoY/pCMm…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiyVwv7S9lqI/FnzHPAuMXw8g2DH6/h50Ro5/goy3fkGNKQAMwELxL6zjma6KrmKA9W6rELr5wk+axjt/e…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://noraliv.se/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (1)

• nora.se×1

Linked from (2)

• visitnora.se×1
• handlainora.se×1