blof.nl

HTML metadata

Technology

Server

nginx

CMS

WordPress

Analytics

• Google Tag Manager

Cookie consent

• Cookiebot

Third-party hosts loaded (6)

• www.googletagmanager.com×2
• cdn.brevo.com×1
• cdn.by.wonderpush.com×1
• cdn.jsdelivr.net×1
• consent.cookiebot.com×1
• www.facebook.com×1

Social

• facebook
• twitter
• instagram
• tiktok
• youtube

DNS records live

NS

• ns.dma.nl
• ns2.dma.nl
• ns3.dma.nl

MX

• 100 smtp.dma.nl

Verified for

• Brevo
• Meta

Email authentication partial

SPF

v=spf1 mx a ip4:194.109.24.0/24 include:servers.mcsv.net include:spf-considered-harmful.xs4all.nl ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com

policy: none (monitoring only)

DKIM

• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
• mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.blof.nl

present

• strict-transport-security
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• missing Content Security Policy
• weak content type protection
• missing Permissions Policy

Links to (17)

• zomerfestivaldenekamp.nl×1
• youtube.com×1
• wouwonstage.nl×1
• twitter.com×1
• tiktok.com×1
• spotify.com×1
• sonymusic.nl×1
• royalparklive.nl×1
• parkcitylive.nl×1
• metropool.nl×1
• instagram.com×1
• hengevelde.nl×1
• facebook.com×1
• concertatsea.nl×1
• centralparkfestival.nl×1
• bostheaterommen.nl×1
• agentsafterall.nl×1

Linked from (1)

• alderlane.ca×1