performation.com
performation.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (3)
- fonts.googleapis.com×5
- fonts.gstatic.com×2
- www.googletagmanager.com×1
Registration
- Registrar
- Key-Systems GmbH
- Created
- 2004-01-16
- Expires
- 2027-01-16 229 days left
- Updated
- 2026-04-23
- Name servers
-
- ns0.transip.net
- ns1.transip.nl
- ns2.transip.eu
DNS records live
- NS
-
- ns0.transip.net
- ns1.transip.nl
- ns2.transip.eu
- MX
-
- 0 performation-com.mail.protection.outlook.com
- TXT
-
Show 4 TXT records
MS=9918022526DBFEC1433C89FA3F1882BF5834AEE0performation-web.azurewebsites.netbw=66HJKbgs44vLyawYc9scVfWuoQY2uy6I0k42cfH7uU7pa7jp49FSMQ+jeCnTzNcQK/wWSMTINn66d94FQ1hS9wpxwIvhOWqHwQShZHEZE6Rcpbv+oU9xqCLv7yOmSLP6Dw==
- Verified for
-
- Apple
- Atlassian
- Dynamics 365
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:spf.afas.online ip4:92.42.235.0/24 ip4:5.39.174.249 ip4:83.143.187.131 ip4:83.143.187.141 ip4:213.199.154.239 ip4:40.95.51.84 mx:performation.com a:outbound.protection.outlook.com a:mail-eopbgr130102.outbound.protection.outlook.com a:mail-in-ext02.hosting.widexs.nl a:mailgun.org a:gw2.mail.uniserver.nl ip4:195.69.75.5 a:spf-de.emailsignatures365.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:652e6beecad48@ag.dmarcly.com; ruf=mailto:652e6beecad48@fo.dmarcly.com; sp=none;policy: none (monitoring only) · sp=none - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhDA8sKAR/6dI4iBqEiZFgwkQFlks3Pem3InVWnmCX+Awu4DxuzyTNomUjv9H5nBMEXdRW5SMe7EmHkXl/ux… - selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZFVR9iZh0sZnkuS/gVfmENUY7DVkK5tyjs04yimDgMD5xIdD/qKqHvU7j4EQKREtUK9YHiZpGeInduNw6nq…
selectors probed - selector1:
Certificate (current)
E8
Expires in 80 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), sync-xhr=(), usb=()- x-content-type-options
nosniff- content-security-policy
default-src * data: mediastream: blob: filesystem: about: ws: wss: 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline'; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' *.googleusercontent.com www.googleadservices.com www.google-analytics.com *.google.com *.googletagmanager.com *.leadfeader.com cdn.cookie-script.com *.surveysparrow.com www.google.nl www.google.com cdn.jsdelivr.net *.lfeeder.com *.clarity.ms connect.facebook.net googleads.g.doubleclick.net static.hotjar.com script.hotjar.com snap.licdn.com *.azureedge.net; style-src * data: blob: 'unsafe-inline' 'self'; img-src * data: blob: 'unsafe-inline' 'self'; font-src * data: blob: 'unsafe-inline'; object-src 'none'; base-uri 'self'; frame-ancestors 'self' performation.com; block-all-mixed-content; upgrade-insecure-requests;- strict-transport-security
max-age=2592000; includeSubDomains
Links to (1)
Linked from (1)
- enof.nl×1