allinecht.nl

HTML metadata

Technology

Server

nginx

CMS

Joomla 8.3.2

Fonts

• Google Fonts

Social widgets

• YouTube Embed

Third-party hosts loaded (5)

• www.youtube.com×2
• fonts.googleapis.com×1
• maxcdn.bootstrapcdn.com×1
• www.facebook.com×1
• www.google.com×1

Social

• facebook
• instagram

DNS records live

NS

• ns1.whirlwind.nl
• ns2.whirlwind.nl

MX

• 10 mx01.hornetsecurity.com
• 20 mx02.hornetsecurity.com
• 30 mx03.hornetsecurity.com
• 40 mx04.hornetsecurity.com
• 50 allinecht-nl.mail.protection.outlook.com

Verified for

• Google
• Meta
• Microsoft 365

Email authentication weak

SPF

v=spf1 a mx include:spf.hornetsecurity.com include:spf.protection.outlook.com ip4:103.36.108.234 ip4:77.72.145.166 include:sendgrid.net include:spf.whirlwind.nl include:spf.cloudorb.com ~all

softfail (~all)

DMARC

not published

DKIM

• default: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhtl4din37HX6UxPCmjD7UIJMpZOWfQPP77x2ICUOhDvC58SWELEsH1mWr+4G5mzqe0ti8AI9df4UzHMU3suhzTba0I…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9ghXqXYSuEaqK4QuDvpJpdfGz5bjGjqrrVvex4PiJaonZiZxHXQHY9vvh+pAVhjKTxgmhB4OzNmFm5Qt6…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCf3n52ORiex9rF90MgfrFCBL4Cvawk9Dc5T3acqMWt7CLPtRuUOiwJdSZ4bpK4M07Lqf6HamXKvQLK5dblWzJU+8…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://allinecht.nl/nl

present

• x-frame-options
• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• weak frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• wa.me×1
• instagram.com×1
• facebook.com×1
• entertrainevents.nl×1
• bmileisure.com×1

Linked from (1)

• entertrainevents.nl×1