dhm.nl
dhm.nl
HTML metadata
Technology
- Server
- Welcome
- jQuery
- 1.9.0 known XSS (<3.5)
- Stack
- ASP.NET
Third-party hosts loaded (6)
- s3.eu-west-1.amazonaws.com×23
- apollobusiness.freetls.fastly.net×6
- apollobusiness.global.ssl.fastly.net×1
- d258m94yw7900v.cloudfront.net×1
- maxcdn.bootstrapcdn.com×1
- wurfl.io×1
Contact
- Phone
- Address
- SOBA Security Academy BVRijnzathe 83454 PV De MeernTelefoon: 030 - 666 777 3Mail:info@dhm.nlBTW nummer: NL82051796B01KVK nummer: 56626770
DNS records live
- NS
-
- ns-h.dns.yourhosting.eu
- ns-i.dns.yourhosting.nu
- ns-j.dns.yourhosting.nl
- MX
-
- 10 mx2.mtaroutes.com
- 15 mx3.mtaroutes.com
- 20 mx4.mtaroutes.com
- 5 mx1.mtaroutes.com
- TXT
-
52.51.110.71
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com include:spf.eu.signature365.net include:amazonses.com -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 44 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- missing content type protection
- missing Referrer Policy
Header values
- x-frame-options
AllowAll- permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()- content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'unsafe-inline' 'unsafe-eval' data:; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *;- strict-transport-security
max-age=31536000
Links to (4)
- soba.nl×1
- sern.nl×1
- securityenrecht.info×1
- cpion.nl×1