persberichtenrotterdam.nl

HTML metadata

Technology

Server

nginx

CMS

WordPress

jQuery

3.7.1

DNS records live

NS

• ns0.transip.net
• ns1.transip.nl
• ns2.transip.eu

MX

• 10 mx.transip.email

Email authentication partial

SPF

v=spf1 include:sendgrid.net include:spf.sendingservice.net include:spf.flowmailer.net include:_spf.transip.email ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@inbound.flowmailer.net,mailto:dmarc@smtpeter.com; ruf=mailto:dmarc@inbound.flowmailer.net,mailto:dmarc@smtpeter.com; fo=1;

policy: none (monitoring only)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoXEPV15tZs/LTXCukaz1BSraj+wJMlai+mGJwVteVOCOFVlRPCWQBV54Nf18yQaVUmoQQRob/R8b1Hd0N…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMMyWL2xDbm0WAgd2vT+UqbFixzXpaVB+aG7OhFDKGvAdvWTqjEOo7rOa2ock0jRJrcpq84QvK/1uuit/QJEy+pM…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://persberichtenrotterdam.nl/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing Permissions Policy

Links to (1)

• wereldkundig.nl×1

Linked from (2)

• cultuurencampusrotterdam.nl×2
• vuurwerkmanifest.nl×1