perfon.nl

.nl crawl

First seen 2026-06-02 · Last seen 2026-06-03 · ok HTTP/1.1 200 1354 ms crawled 2026-06-02

NL · 188.166.29.128 · AS14061 DigitalOcean, LLC

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title

Homepage - Perfon

Description

Perfon is producent van flexibele verpakkingen voor de food en non-food industrie. Lees op onze homepage meer over ons bedrijf.

Language

nl-NL

Canonical

https://www.perfon.nl/

Translations

Open Graph

url: https://www.perfon.nl/
title: Homepage - Perfon
locale: nl_NL
site name: Perfon
description: Perfon is producent van flexibele verpakkingen voor de food en non-food industrie. Lees op onze homepage meer over ons bedrijf.

Technology

Server: Apache
CMS: WordPress
jQuery: 3.7.1

Social

Contact

Email

%20info@perfon.nl

Phone

+31 547 276 100

DNS records live

NS

kara.ns.cloudflare.com
rob.ns.cloudflare.com

MX

10 perfon-nl.mail.protection.outlook.com

Verified for

Apple
Microsoft 365

Email authentication strong

SPF

v=spf1 a mx ip4:46.243.31.44 ip4:77.222.71.61 include:spf.protection.outlook.com include:_spf_eucentral1.prod.hydra.sophos.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpefcz+NYzhaYnE+4TDYHG6L+SDyK66FkKmdM7RRY3fkA9hsWfx+ELq4FU/72LPUxbeskpkeycNDFV…

selectors probed

Certificate (current)

R13

from 2026-04-08 to 2026-07-07

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.perfon.nl/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https:; script-src-elem 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https:; script-src-attr 'unsafe-inline'; style-src 'self' 'report-sample' 'unsafe-inline' https://p.typekit.net https://use.typekit.net https:; style-src-elem 'self' 'report-sample' 'unsafe-inline' https://p.typekit.net https://use.typekit.net https:; style-src-attr 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https:; font-src 'self' data: https:; frame-src 'self' https:; img-src 'self' data: https:; manifest-src 'self'; media-src 'self' https:; worker-src 'none'; report-uri https://69c2732b9a289d40e65d7df4.endpoint.csper.io?builder=true&v=2;