financesloisirs.be
HTML metadata
Technology
- CMS
- Drupal
Third-party hosts loaded (1)
- fa.forward.weactivate-digital.be×1
Social
DNS records live
- NS
-
- nszero1.axc.nl
- nszero2.axc.nl
Email authentication no MX
- SPF
-
v=spf1 a mx include:spf.protection.outlook.com include:spf.broker-dns.be ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 78 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
fullscreen=(self "https://player.vimeo.com" "https://www.youtube-nocookie.com")- x-content-type-options
nosniff- content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https://www.youtube.com https://noembed.com https://player.vimeo.com https://fa.forward.weactivate-digital.be https://fa.forward.digital-broker.be https://cdn.matomo.cloud https://cdnjs.cloudflare.com https://unpkg.com https://www.youtube.com https://ag-brokers.matomo.cloud; img-src 'self' data: https://i.vimeocdn.com https://i.ytimg.com https://lh3.googleusercontent.com https://ag-brokers.matomo.cloud; connect-src 'self' https://cdn.plyr.io https://noembed.com https://ka-p.forward.weactivate-digital.be https://ka-p.forward.digital-broker.be https://ag-brokers.matomo.cloud; frame-src https://ag-brokers.matomo.cloud 'self' https://www.youtube-nocookie.com https://player.vimeo.com; object-src 'none'; media-src 'self'- strict-transport-security
max-age=31536000
Links to (7)
- x.com×1
- mybroker.be×1
- linkedin.com×1
- gigatour.be×1
- feprabel.be×1
- facebook.com×1
- brocom.be×1