nuvelstijn.nl
HTML metadata
Technology
- jQuery
- 3.7.2
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (3)
- cdn.dailycms.com×33
- scontent-ams2-1.xx.fbcdn.net×3
- www.googletagmanager.com×2
Social
Contact
- Phone
- Address
- Industrieweg 20, 4283 GZ, Giessen, NL
DNS records live
- NS
-
- etta.ns.cloudflare.com
- greg.ns.cloudflare.com
- MX
-
- 1 nuvelstijn-nl.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 mx include:spf.dailycms.com include:spf.protection.outlook.com include:mail-008.bis-bv.nl include:mail008.jamilo.nl ip4:77.60.41.139 -allstrict (-all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoEF+ZYWmuNc2+LDLNRwPvH9/wScu5rPjtYX8z/cWsdsFNLo+H7rtbHtbgQcxwY3RbePW1BeYGrMa4gkHWtY…
selectors probed - selector1:
Certificate (current)
E7
Expires in 75 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- missing frame protection
Header values
- referrer-policy
strict-origin-when-cross-origin- permissions-policy
microphone=(), camera=()- x-content-type-options
nosniff- content-security-policy
script-src 'nonce-0MwkPaMD22GUWkxDlDJXfKFMKmxYpcmm' 'strict-dynamic' 'unsafe-inline' https:;script-src-attr 'none';worker-src 'self';manifest-src 'self';object-src 'none';base-uri 'none';frame-ancestors 'self';form-action 'self';frame-src https://td.doubleclick.net https://www.googletagmanager.com 'self';- strict-transport-security
max-age=31536000; includeSubDomains; preload- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
same-origin