curalia.be

HTML metadata

Title

Home | Curalia

Language

nl

Canonical

https://www.curalia.be/nl

Translations

fr
nl

Technology

Server: nginx
CMS: Drupal

Analytics

Google Tag Manager

Third-party hosts loaded (2)

static.addtoany.com×1
www.googletagmanager.com×1

Social

Contact

Email

735.80.55info@curalia.be

Phone

1196-298-10-2717

DNS records live

NS

dina.ns.cloudflare.com
dom.ns.cloudflare.com

MX

10 curalia-be.mail.protection.outlook.com

TXT

spf2.0/pra include:spf.flexmail.eu ?all
IgRUczJ8wLJuGpncxNhohDfdru5XnIuq

Verified for

GlobalSign
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.flexmail.eu ip4:195.13.7.0/27 ip4:188.118.13.64/28 include:sendgrid.net include:amazonses.com include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@curalia.be; ruf=mailto:dmarc@curalia.be; fo=1

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDH0aozfpW7+QfH0+cRGPwdZufXIX/jCSgncfd2YEHXB3gqS6MOFG7AZ7OxWM179TDjpo0DCflIwLKR0YKiHM…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfzq2DcXNJDRpXjtGNQs4Rn/YWRmO6gWkyjFEB7gHgVS8PujiU/YV+6HyWluRcUORHzxLJzeWcsx+XK8IX…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC27VTbJAPhe15a8t595c7HMdDW8Ty6tsABsyTKtevG+FmwyByFD1dRnQHpioTynlE7tXeSOl7zLsOtW65j605Sqy…

selectors probed

Certificate (current)

R13

from 2026-04-01 to 2026-06-30

Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.curalia.be/nl

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=*, geolocation=(), gyroscope=(), microphone=(), picture-in-picture=*
x-content-type-options: nosniff
content-security-policy: object-src 'none'; script-src * 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src * 'report-sample' 'unsafe-inline'; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri https://www.curalia.be/nl/report-uri/enforce
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin