rexel.se

HTML metadata

Technology

CDN

Azure Front Door

jQuery

3.2.1 known XSS (<3.5)

JS framework

Angular 19.2.14

Stack

Java

Analytics

• Google Tag Manager

Third-party hosts loaded (3)

• cmsdatabase.rexel.com×9
• sweden.a.bigcontent.io×3
• www.googletagmanager.com×3

Social

• instagram
• facebook
• linkedin
• youtube

Contact

Email

• fornybart@rexel.se
• belysning@rexel.se

DNS records live

NS

• dns1.zaccodigitaltrustlabs.com
• dns2.zaccodigitaltrustlabs.net
• dns3.zaccodigitaltrustlabs.se
• dns4.zaccodigitaltrustlabs.se

MX

• 0 rexel-se.mail.protection.outlook.com

TXT

Show 29 TXT records

• _rvg89fjfnu0hwf8w03ym8pdecf38t5p
• _rqdnwxesdljm0rft7qnydofeondpn8g
• _f99hecegighuyu23yukuwqbrkotf448
• _0dujoguy46lfukjkvl5on1mqyvjmsn8
• _t3uutw21g6txyh0sksytv47alnrshzk
• _kp808i7z3ua3r2yxnfs5dt6gcq0cui9
• fnxrbzhqzhk4mlkzfpg93mgdxz83yt8b
• ydgjfxcldlnhwvtmmw1yj6w75tfxddvp
• _io2o1iny16bbai6lhazajunblo1i2ga
• _rq4x2lj75iv0jqwlviuxfqlvpuunvgc
• _920k3nbh5f42uawcvnqiiy9ct5uct9e
• _0ietaql2207vujopxov8rukgbouew9w
• _rgruolpb5r2gg9hil38aovusyae50hc
• _rne3h1v28rnnc5ks9m700aspc5kurix
• _cgax71uxdeslflcc7p0pm4nnfrognm0
• v2mgwlw2j21sxxf0d35r904vksgsncdn
• _7vg0z9ylqn0bsic9iwabtp0j5r981ps
• _qadfj8l3eulb5li2u5ixt9x1duiv270
• _sni84vwn4qmmyxnh1h8mdfzqz1ynell
• _pwzw9lfyb6d8ji2ql4laps7dxtgu4p6
• DomainVerification=HK2DDHY4IVKZW8AEVUD0O1W3K9DRFLF0I79F3VUCYDREFOV05HPSJ07QRDA3BZPA
• lsvq6wjw6fplw9tprmvvkpbd2dw6bq5k
• 985pbhkqnzkqpft1m6tlgz7z4c16pkyz
• _t0jwef7a54x956vp3r1drrefzya5c3c
• 7m8nk1ymxb68sdl3g48ls6tsk3jlc2nf
• r3bc4tjll901t9dfdrkhl8d8x4k5ck09
• mms13lw6jmqzbf0zdvy3rx3d0w2vs2vg
• _8xedngjmqqeigx0mdp2lp1zq40ub03r
• _57uade1itrmbl3zwrmx4l48ki3gwpuy

Verified for

• Adobe
• Apple
• Atlassian
• GlobalSign
• Google
• Microsoft
• Microsoft 365
• OneTrust

Email authentication partial

SPF

v=spf1 a mx include:_spf1.rexel.se include:_spf2.rexel.se include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; fo=0; rua=mailto:dmarc-rexel_se@rexel.se

policy: none (monitoring only)

DKIM

Show 5 DKIM selectors

• default: v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDV37ViPSDKA47nSZwc+gVo/XaLKiZeiwNSJMzyLtOie7VKjFxT/jMM7WTX2Mq//NV5ezSVWxSJh7fvd…
• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDm36Npz8857btXNUVvRo+fNzg0xsicVVZoYXE1nrE6u7josg7+I32W3pgC1TYZybhtB+hV63skOJdeVP0uYm…
• mail: v=DKIM1; k=rsa; s=email;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFsvGKSkPpbuNPMi0QqpN3x4jR9mhXRgp7FwEze3uLW0qrWCz7eMwSoVOEV6fadCLODkEgHxAoZ8…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6suYLnoK+cFvNRKns3m2ZTb/DPO6/Q+LBMGQ63SnqIevHSQQ2IHDMdwy/a8L5erXJbbOrK+78g7JSTMQO1…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxesp7tQ1gVQC4sth3cNLoD7B06hj8FfIfmNzgowomeWvod3p2hhO7xKj76bmgQrwHKOHkxkC8Mnj5lUGqq8oUA6…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.rexel.se/swe/

present

• strict-transport-security
• x-content-type-options

findings

• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (9)

• youtube.com×1
• rexel.com×1
• mynewsdesk.com×1
• linkedin.com×1
• instagram.com×1
• google.com×1
• facebook.com×1
• bigcontent.io×1
• apple.com×1

Linked from (4)

• gigamedia.se×1
• datacentreexpo.se×1
• norwesco.se×1
• stockholmtechshow.se×1