nibc.be
nibc.be
HTML metadata
DNS records live
- NS
-
- anycast-eu.dns.sqr.nl
- unicast-eu.dns.sqr.domains
- MX
-
- 10 nibc-be.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com include:_spf.salesforce.com include:spf.simplemailservice.eu -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; sp=none; adkim=r; aspf=r;policy: quarantine · sp=none - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QfIkuBuUPvbVHpDXjBCRnd/CI3ijq/5+jy3ShAl3PJkpAgOFcBKrA2XHgWN4g366AEL0DAefwzXuS…
selectors probed - selector1:
Certificate (current)
PerfectSSL
Expires in 12 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin, SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src https: *.clickmeter.com *.adnxs.com *.doubleclick.net; img-src 'self' https://be-gmtdmp.mookie1.com/ data: *.googletagmanager.com *.clickmeter.com bat.bing.com *.google.be *.googleadservices.com *.doubleclick.net *.facebook.com *.google-analytics.com *.google.com *.adnxs.com; style-src 'self' 'unsafe-inline' https:; script-src 'unsafe-eval' 'unsafe-inline' 'self' *.googleadservices.com https://cdn.mookie1.com/ https://secure.adnxs.com/ s3.amazonaws.com bat.bing.com *.googleapis.com *.vimeo.com *.youtube.com *.facebook.net *.googletagmanager.com www.google-analytics.com *.google.com static.nibcdirect.be *.doubleclick.net *.serving-sys.com *.adnxs.com nibc.containers.piwik.pro nibc.piwik.pro- strict-transport-security
max-age=31536000, max-age=31536000; includeSubDomains