msml.nl
msml.nl
HTML metadata
Technology
- Server
- nginx
- Analytics
-
- Google Tag Manager
- Plausible
Third-party hosts loaded (3)
- www.googletagmanager.com×2
- js.hcaptcha.com×1
- plausible.io×1
Social
Contact
- Phone
- Address
- AdresLeeuwenbrug 1217411 TH Deventer
DNS records live
- NS
-
- donna.ns.cloudflare.com
- rocky.ns.cloudflare.com
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- Verified for
-
- Apple
Email authentication strong
- SPF
-
v=spf1 include:_spf.google.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=quarantine; adkim=s; aspf=s;policy: quarantine - DKIM
-
- k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed - k1:
Certificate (current)
R12
Expires in 40 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
Header values
- x-frame-options
SAMEORIGIN- permissions-policy
interest-cohort=()- x-content-type-options
nosniff- content-security-policy
default-src 'self';base-uri 'self';object-src 'self';form-action 'self';font-src 'self' data:;connect-src 'self' https://plausible.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com;img-src 'self' blob: data: https://*.google-analytics.com https://*.googletagmanager.com https://www.facebook.com;script-src 'self' 'strict-dynamic' 'unsafe-eval' https://plausible.io https://js.hcaptcha.com https://*.googletagmanager.com 'nonce-RAgpVRwGwMF1a4BQ2BCLRxYbIbYRHRQq';style-src 'self' 'unsafe-inline';frame-src 'self' https://*.google.com https://*.hcaptcha.com- strict-transport-security
max-age=15768000; includeSubDomains; preload