downstairs.nl
downstairs.nl
HTML metadata
Technology
- Server
- Apache
- CMS
- Joomla
- jQuery
- 3.7.1
- Stack
- PHP
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (5)
- www.googletagmanager.com×3
- fonts.googleapis.com×2
- fonts.gstatic.com×1
- www.klantenvertellen.nl×1
- www.webdevspecialist.com×1
Social
Contact
- Phone
- Address
- Torenstraat 8, 5554 NK, Valkenswaard
DNS records live
- NS
-
- bilbo.downdijk.nl
- celebrimbor.downdijk.nl
- MX
-
- 0 downstairs-nl.mail.protection.outlook.com
- Verified for
-
Email authentication strong
- SPF
-
v=spf1 ip4:92.119.30.224 ip6:2a09:b340::f816:3eff:fe0e:57ba include:spf.protection.outlook.com include:ehv-virt-downdijk-web1.nefos.cloud -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; pct=100; ruf=mailto:abuse@downdijk.nl; rua=mailto:abuse@downdijk.nlpolicy: quarantine - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 46 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
base-uri 'self'; default-src https://*.downstairs.nl; script-src 'self' blob: https://*.mediagroupholland.nl https://*.webdevspecialist.com https://*.piwik.pro https://*.adnxs.com https://*.adroll.com https://*.hotjar.com https://*.facebook.net https://*.downstairs.nl https://*.futy.io https://*.ldnfrpl.com https://*.leadinfo.net https://*.newrelic.com https://*.g.doubleclick.net https://vjs.zencdn.net https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com https://*.google.com https://*.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://*.mediagroupholland.nl https://*.webdevspecialist.com https://*.downstairs.nl https://*.futy.io https://vjs.zencdn.net https://*.google.com https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' https://*.webdevspecialist.com https://image2.pubmatic.com https://*.pubmatic.com https://*.taboola.com https://*.adnxs.com https://*.3lift.com https://image2.pubmatic.com https://*.outbrain.com https://*.openx.