autodata.nl

HTML metadata

Technology

Server

Apache

jQuery

1.9.1 known XSS (<3.5)

Cookie consent

• OneTrust

Fonts

• Font Awesome
• Google Fonts

Third-party hosts loaded (6)

• cdn.cookielaw.org×2
• ajax.googleapis.com×1
• cdn.jsdelivr.net×1
• fonts.googleapis.com×1
• maxcdn.bootstrapcdn.com×1
• use.fontawesome.com×1

Social

• facebook
• linkedin
• youtube

Contact

Phone

• 0886006401

DNS records live

NS

• dns1.cscdns.net
• dns2.cscdns.net

MX

• 10 mxa-0022b902.gslb.pphosted.com
• 10 mxb-0022b902.gslb.pphosted.com

TXT

• _lzum87j5pemcqdmmbsa8cuct9hmjn8q
• wombat-verification=3KwxVCQV1HEp-aRXRTKKaZ5G0frhk
• _ey7ms2v8uxi5da48fi1b4gxjhkhzbl3

Verified for

• Atlassian
• OneTrust

Email authentication strong

SPF

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT9n+5Uxotuto0gj+FABJTmKG6VhMWNQOONrRkxVZgPSiR7E8Q2DdDobECMVvdCXowt/aiGJI0JH3q…
• s1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V4kSCK8B9XtYu5XrqgZiu9dMCYsMGGowVF963x4UCinEfWOi9F28EmUEp1TVJX+7jwekUHTT4mpnp…

selectors probed

Certificate (current) wrong cert

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://www.autodata.nl/autodata2016/

present

• referrer-policy

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Permissions Policy

Links to (4)

• youtube.com×1
• solera.nl×1
• linkedin.com×1
• facebook.com×1

Linked from (1)

• vanvlietauto.nl×1