fleurop.be

HTML metadata

Technology

Server

Apache

CMS

Gatsby

PHP

7.3.22 end of life

jQuery

1.11.3 known XSS (<3.5)

Stack

PHP

Analytics

• Google Tag Manager

Third-party hosts loaded (6)

• images.florarium.prod.fleurop-interflora.be×24
• cdn.jsdelivr.net×3
• ajax.googleapis.com×2
• ucarecdn.com×1
• www.googletagmanager.com×1
• www.kiyoh.com×1

Social

• facebook
• instagram

Contact

Email

• info@fleurop.be

Phone

• +3222422964

DNS records live

NS

• ns-cloud-b1.googledomains.com
• ns-cloud-b2.googledomains.com
• ns-cloud-b3.googledomains.com
• ns-cloud-b4.googledomains.com

MX

• 10 server4.stenan.be

TXT

• aPqYppTDuOOqpgEUseoMPe56sh70vldi

Verified for

• Google
• Meta

Email authentication partial

SPF

v=spf1 +a +mx +ip4:84.22.98.113 include:mailgun.org include:mail.zendesk.com include:mg.fleurop.be include:mailgun.us ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
• mail: v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vSPPPUi+B5xqvt5Uzy/7ohLhVvvS5QEOdhjRx8cut77QxFiqJNX/od01I5jQxvmFK/jK+ZL+AE9hbmZDg+pw6…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.fleurop.be/

present

• x-frame-options

findings

• missing HSTS
• missing Content Security Policy
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (3)

• livechatinc.com×1
• instagram.com×1
• facebook.com×1

Linked from (1)

• fleursbottin-englebert.be×1