davitamon.nl

HTML metadata

Title

Davitamon: alles over vitamines, mineralen en supplementen

Description

Het lichaam heeft elke dag verschillende voedingsstoffen nodig om goed te blijven functioneren. Lees hoe Davitamon in elke levensfase kan helpen.

Language

nl-NL

Generator

WP Rocket 3.20.3

Canonical

https://www.davitamon.nl/

Feeds

Davitamon RSS Feed RSS

Open Graph

url: https://www.davitamon.nl/
title: Davitamon: alles over vitamines, mineralen en supplementen
locale: nl_NL
site name: Davitamon
description: Het lichaam heeft elke dag verschillende voedingsstoffen nodig om goed te blijven functioneren. Lees hoe Davitamon in elke levensfase kan helpen.

Technology

CDN: Cloudflare
CMS: WordPress
jQuery: 3.1.0 known XSS (<3.5)

Analytics

Google Tag Manager

Ads

Meta Pixel

Cookie consent

OneTrust

Fonts

Google Fonts

Third-party hosts loaded (6)

cdnjs.cloudflare.com×3
cdn.cookielaw.org×2
fonts.googleapis.com×2
www.googletagmanager.com×2
connect.facebook.net×1
www.facebook.com×1

Contact

Phone

24-0217-0253

Registration

Registrar

MarkMonitor Inc.

Created

1998-05-14

Updated

2025-04-04

Name servers

lara.ns.cloudflare.com
olof.ns.cloudflare.com

DNS records live

NS

lara.ns.cloudflare.com
olof.ns.cloudflare.com

MX

10 mx.mailprotect.be
50 mx.backup.mailprotect.be

TXT

mail-grant:taeu+qy3+ajzt4hupolmq3srwxw=
mail-grant:vjdg924vbwzgepeq+tgg7tyjzyg=

Verified for

Google

Email authentication partial

SPF: v=spf1 include:emsd1.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-05-23 to 2026-08-21

Expires in 81 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.davitamon.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=self
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.davitamon.nl; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.davitamon.nl *.addtoany.com *.adsrvr.org *.amazon-adsystem.com *.azure.com *.bootstrapcdn.com *.channelsight.com *.ckeditor.com *.clic2buy.com *.click2buy.com *.cloudflare.com *.cookielaw.org *.criteo.com *.criteo.net *.delivr.net *.doubleclick.net *.facebook.com *.facebook.net *.google.co.in *.google.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.hotjar.com *.hotjar.io *.jquery.com *.jsdelivr.net *.myfonts.net *.newrelic.com *.onetrust.com *.outbrain.com *.pinterest.com *.recaptcha.net *.snapchat.com *.soundcloud.com *.static.net *.taboola.com *.teads.tv *.typekit.net *.unpkg.com *.vimeo.com *.visualstudio.com *.wp.com *.youtube.com addtoany.com adsrvr.org amazon-adsystem.com azure.com bootstrapcdn.com channelsight.com ckeditor.com clic2buy.com click2buy.com cloudflare.com cookielaw.org criteo.com criteo.net delivr.net doubleclick.net facebook
strict-transport-security: max-age=63072000; includeSubDomains