afa-aalsmeer.nl

HTML metadata

Technology

Server

nginx

CMS

WordPress

jQuery

1.11.3 known XSS (<3.5)

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (5)

• fonts.googleapis.com×3
• code.jquery.com×2
• www.google.com×2
• maxcdn.bootstrapcdn.com×1
• www.googletagmanager.com×1

Social

• linkedin
• facebook
• youtube
• instagram

Contact

Email

• afa@afa-aalsmeer.nl

Phone

• +31297320987

DNS records live

NS

• auth01-peer.ib.routit.net
• auth02-peer.ib.routit.net

MX

• 0 afaaalsmeer-nl0i.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 a:ziggo.nl a:smtp.ziggozakelijk.nl ip4:213.126.18.2 ip4:212.54.42.0/24 include:spf.protection.outlook.com ip4:212.54.34.0/24 -all

strict (-all)

DMARC

v=DMARC1;p=quarantine"

no policy tag

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8nrMsOAzvy2R78anQY+2B4maS07vCIPzQ96Z4116yCvXfmrovIBV+y4lSCCRh5Of8F9F4veEJz57NMzvfmp…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IY07gqc1VSb1yhUEl8/q9GcwLJ+yVDJspp20RGN5WoOsScZPgU4otJwXR56hKaF8LDonTcjwsJmIw…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://afa-aalsmeer.nl/

present

• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (4)

• youtube.com×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1

Linked from (1)

• scwrijsenhout.nl×1