amsterdammuseum.nl

HTML metadata

Technology

Server

nginx

CMS

Next.js

JS framework

Next.js

Social

• instagram
• facebook
• youtube
• tiktok
• linkedin

Contact

Email

• %20webredactie@amsterdammuseum.nl

DNS records live

NS

• ns-1237.awsdns-26.org
• ns-1602.awsdns-08.co.uk
• ns-824.awsdns-39.net
• ns-96.awsdns-12.com

MX

• 10 amsterdammuseum-nl.mail.protection.outlook.com

TXT

• icgTqJ0ubbUL5aZ2oL+b9RSMj00xPeOd5P8JTKnT9oCxm4Vlo9OOhDVRFNuZYSY06dbiVqFWmAZdN8lOh19loA==
• tiktok-developers-site-verification=Enzej8Ap8DkgwmZE6n6WgAVZ1WnOCT1q

Verified for

• Google
• Meta

Email authentication weak

SPF

v=spf1 a include:spf.mandrillapp.com include:amazonses.com ip4:188.203.39.82/29 ip4:84.53.71.234/29 ip4:92.111.45.226/29 mx include:spf.protection.outlook.com include:_spf.eu.messagegears.net ~all

softfail (~all)

DMARC

not published

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uCpLtZFohT3YlSyB69M0izcHp2HXiZfzzi3pjjd6j4WwCJF+IrIk+aBOfc6tOwx83bPwB10Wp5U1y…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8pj9DKkIUM3/aRCe8mh/syE7jtERPUZzSZLvMV1pT6LjPYP01u4EasfHEOadu9sQyuUbd0bHSN+Ep…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.amsterdammuseum.nl/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (6)

• adlibhosting.com×1
• facebook.com×1
• instagram.com×1
• linkedin.com×1
• tiktok.com×1
• youtube.com×1

Linked from (1)

• ginger.nl×1