cranendonck.nl
cranendonck.nl
HTML metadata
Technology
- CMS
- Drupal
- JS framework
- Next.js
Third-party hosts loaded (3)
- cuatro.sim-cdn.nl×69
- cranendonck.logging.simanalytics.nl×1
- fonts.bunny.net×1
Social
DNS records live
- NS
-
- ns1.bhosted.nl
- ns3.bhosted.nl
- ns4.bhosted.nl
- MX
-
- 10 cranendonck-nl.mail.protection.outlook.com
- TXT
-
bHosted.nl - http://www.bhosted.nlMlMZAdIOGE3/E1o3eE/WobsxmnHKT/umJA/rN/eP3gY=_rf874m5c6dhmmtej5zzidtejos84sfd
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 ip4:80.112.197.162 ip4:81.246.113.50 ip4:205.201.128.0 ip4:198.2.128.0 ip4:148.105.8.0 ip4:5.100.224.128 ip4:52.19.38.9 ip4:18.202.91.215 ip4:52.215.107.130 ip4:52.19.205.25 ip4:108.128.129.201 ip4:99.80.186.233 ip4:52.210.114.41 ip4:52.31.212.238 ip4:34.240.38.117 ip4:91.213.115.15 ip4:91.213.115.16 ip4:91.213.115.17 ip4:45.80.232.20 ip4:85.90.85.193 ip4:85.90.85.177 ip4:193.163.108.129 ip4:199.255.192.0 ip4:199.127.232.0 ip4:54.240.0.0 ip4:69.169.224.0 ip4:23.249.208.0 ip4:23.251.224.0 ip4:76.223.176.0 ip4:54.240.64.0 ip4:54.240.96.0 ip4:76.223.128.0 ip4:216.221.160.0 ip4:206.55.144.0 ip4:91.218.37.0 ip4:185.54.113.15 ip4:84.247.10.126 ip4:149.210.141.108 ip6:2a01:7c8:bb01:2a8:5054:ff:fe63:ce37 ip6:2a01:7c8:aab1:24c:5054:ff:fe29:5aaa include:mailgun.org include:spf.protection.outlook.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; sp=reject; rua=mailto:jisjm8rl@ag.eu.dmarcadvisor.com,mailto:rapportages@dmarc.ibdgemeenten.nl; ruf=mailto:dmarc_ruf@cranendonck.nl,mailto:jisjm8rl@fr.eu.dmarcadvisor.com; fo=1policy: reject (enforced) · sp=reject - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxsB2DQ8Lq9H5DVEWUDOBXO/ho0DWPhUqH+wPdU70onxwUtmDeuobBqDGVF/XDrRfS4K+QbB5YorcT248sqe… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMi7LfEqB3hVwhnPKcktcbxErcrtETfa71ifcg2d92m/3ITHrOYy8TLW+5mJkLhaqjC7Lq1dSAc9iC… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed - selector1:
Certificate (current)
Thawte TLS RSA CA G1
Expires in 232 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- content-security-policy-report-only
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self'; img-src * data: 'unsafe-inline' blob:; style-src * 'unsafe-inline' blob:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src *; form-action *; media-src *.readspeaker.com *.streamlock.net *.archieven.nl storage.googleapis.com scribit-pro-hosting.storage.googleapis.com scribit-pro.storage.googleapis.com app.talkjs.com *.bbvms.com *.cloudfront.net data: 'self' blob:; frame-src *; frame-ancestors 'self' https://*.polly.help; worker-src * 'unsafe-inline' blob:;- strict-transport-security
max-age=31536000- content-security-policy-report-only
default-src 'self'; img-src * data: blob:; style-src * 'unsafe-inline' blob: https://fonts.bunny.net; font-src 'self' data: https://fonts.bunny.net https://fonts.gstatic.com https://cuatro.sim-cdn.nl https://cuatro.sim-cdn-acceptatie.nl https://cuatro.sim-cdn-test.nl; script-src 'nonce-NDI1OTdjOWQtNDg2Yy00YmNlLTk5YzktMDUwMWQwMGJmOWE3' 'strict-dynamic' 'report-sample'; connect-src *; form-action 'self'; media-src https://*.readspeaker.com https://*.streamlock.net https://storage.googleapis.com https://scribit-pro-hosting.storage.googleapis.com https://scribit-pro.storage.googleapis.com https://app.talkjs.com 'self' blob:; frame-src *; frame-ancestors 'self' https://*.polly.help; worker-src * 'unsafe-inline' blob:; report-uri /api/csp-report
Links to (6)
- youtube.com×1
- x.com×1
- pagefreezer.nl×1
- linkedin.com×1
- instagram.com×1
- facebook.com×1
Linked from (1)
- vrbzo.nl×1