driessen.nl
driessen.nl
HTML metadata
Technology
- Server
- Apache
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
- Font Awesome
Third-party hosts loaded (6)
- assets.driessengroep.nl×4
- use.typekit.net×3
- kit.fontawesome.com×2
- challenges.cloudflare.com×1
- use.fontawesome.com×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns1-07.azure-dns.com
- ns2-07.azure-dns.net
- ns3-07.azure-dns.org
- ns4-07.azure-dns.info
- MX
-
- 0 driessen-nl.j-v1.mx.microsoft
- TXT
-
5NEBCpiNuJWSiAjIfUC07sZbNvgaAeAMXqnzolrfo35rU4dONvFmIVSC8W0Wtm5IGizTKiYao0YSM1e648NoBQ==_3m971mfssn6fv7bj9didrkhxgprtpmm
- Verified for
-
- Apple
- Brevo
Email authentication strong
- SPF
-
v=spf1 redirect=cas341no._spf._d.mim.ecmissing all - DMARC
-
v=DMARC1; p=reject; rua=mailto:bbef4e226e21316@rep.dmarcanalyzer.com; ruf=mailto:bbef4e226e21316@for.dmarcanalyzer.com; pct=100; fo=1policy: reject (enforced) - DKIM
-
Show 5 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWGgFhoMuYd6QU9mFUbU2sSvQ8G1JoYcojn+3RAwm5oJ4u3bmCy27GtqalfbiWxETVWc5NQ/8dQiPE… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEJTYTKMMsDlmeBS3jxAXpYwe6huH6EzkTELtBJJ0Dz22SMHAtl8pY6k31CfIMDUt63XMryO9rlkGj… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jBC3x9AMOVjXJzJIgVPcfbJEcq09GLaO7GQO6dLzXq3vtSLO7CUzDPebiiq5mOZCeZ8nTmvvu8joTervF… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdivrclnSBhyAz2Cq6pSiAA5snTAGCctiyomBRnvKgLdJOJ1AQCbFvjBAKYOJNzPArP2Z9+I7cif1HW3GGm09qlo…
selectors probed - selector1:
Certificate (current)
DigiCert Global G2 TLS RSA SHA256 2020 CA1
Expires in 46 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'none'; child-src 'self' *.driessengroep.nl *.driessen.nl *.driessen.software www.youtube.com app.powerbi.com; connect-src 'self' *.driessengroep.nl *.google-analytics.com *.azure.com *.doubleclick.net *.driessen.nl *.driessen.software *.visualstudio.com *.google.com *.googleapis.com *.oribi.io *.fontawesome.com *.blueconic.net *.linkedin.com *.clarity.ms *.bing.com *.visualwebsiteoptimizer.com *.sentry.io *.diffuse.tools adservice.google.com api.leadinfo.com *.leadinfo.net www.google.com www.googleadservices.com www.facebook.com bat.bing.net *.dgtlassist.com *.googlesyndication.com api.ipify.org *.googletagmanager.com cdn.jsdelivr.net hscollectedforms.net track-eu1.hubspot.com unpkg.com challenges.cloudflare.com *.cloudflare.com https://o243225.ingest.sentry.io/api/5271646/envelope/; font-src 'self' *.driessengroep.nl *.driessen.nl *.driessen.software fonts.gstatic.com *.typekit.net *.jwpcdn.com *.fontawesome.com data:; frame-src 'self' *.driessengroep.nl *.driessen.nl *.d- strict-transport-security
max-age=63072000; includeSubDomains; preload