liberatingstructures.nl
liberatingstructures.nl
HTML metadata
Technology
- Server
- nginx
- Social widgets
-
- YouTube Embed
Third-party hosts loaded (1)
- www.youtube.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns0.transip.nl
- ns1.transip.net
- ns2.transip.eu
- MX
-
- 10 mail.protonmail.ch
- 20 mailsec.protonmail.ch
- TXT
-
protonmail-verification=8afd8b37eb90807e7a44401e79febf3a6debf67f
Email authentication strong
- SPF
-
v=spf1 include:_spf.protonmail.ch include:_spf.transip.email ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=quarantine; pct=10; rua=mailto:dmarc@liberatingstructures.nlpolicy: quarantine · pct=10 - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8rpDRl3n53ZJZVuLX+/8hCW8V18Vog6fX8dBoIDIOoo0gkXfg+QkBnvPZUiuBWzYYo+lqBFwNYyW2…
selectors probed - google:
Certificates
Loading certificate
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- missing Referrer Policy
Header values
- x-frame-options
DENY- permissions-policy
geolocation=(), midi=(), autoplay=(), xr-spatial-tracking=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; frame-ancestors 'self'; frame-src https://www.youtube.com; form-action 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'- strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload