mrfillet.nl
mrfillet.nl
HTML metadata
Technology
- Server
- nginx
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (1)
- www.googletagmanager.com×1
Social
Contact
- Address
- Dieselweg 16, 3752 LB, Bunschoten-Spakenburg, Utrecht, NL
DNS records live
- NS
-
- docks05.rzone.de
- shades09.rzone.de
- MX
-
- 10 mrfillet-nl.mail.protection.outlook.com
- 20 em16554.mrfillet.nl
- Verified for
-
- Apple
- Microsoft 365
- OpenAI
Email authentication partial
- SPF
-
v=spf1 a include:spf.office-box.nl ip6:2a01:7c8:aab5:352::1/48 ip6:2a01:7c8:aab5:352::1/48 include:spf.afas.online include:_spf.google.com include:spf.ccvshop.eu include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=nonepolicy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqZGZuXFzdYNo4D0bIb8Scrx5oZ2/pXYBYbWUsrT2X3mlQEfK1jEHuKU1rvwsm1exOaCu4BccTg/bs… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+4kz8TlCvKdppaySERnjb63sIZtD7okTtFF/8fLVsGlXUvhU9OMPlwFdi8UrZy+8TSr/2lgm7bMIE2…
selectors probed - selector1:
Certificate (current)
R12
Expires in 52 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
camera=(), usb=(), microphone=(), midi=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' https:; object-src 'none'; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com; frame-ancestors *.webnl.nl; font-src 'self' *.googleapis.com *.gstatic.com; frame-src https:; worker-src blob:;