tiltechniek.nl
tiltechniek.nl
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress 7.0
- PHP
- 8.2.31 security-only
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (1)
- www.googletagmanager.com×2
Social
Contact
DNS records live
- NS
-
- ns1.thednscompany.com
- ns2.thednscompany.com
- ns3.thednscompany.com
- MX
-
- 10 mail.tiltechniek.nl
Email authentication weak
- SPF
-
v=spf1 a mx include:servers.mcsv.net include:_spf.transip.email include:_spf.exactonline.nl ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
YR1
Expires in 84 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.bootstrapcdn.com *.gravatar.com *.googleapis.com *.cloudflare.com *.doubleclick.net *.gstatic.com *.fontawesome.com *.google-analytics.com *.youtube.com *.googletagmanager.com *.ytimg.com *.cloudfront.net *.alseenrodelap.nl *.youtube-nocookie.com *.google.com yootheme.com *.jsdelivr.net *.w.org *.wp.com *.wordpress.com *.fbcdn.net *.facebook.net *.facebook.com *.trustpilot.com onlineafspraken.nl *.onlineafspraken.nl *.googleadservices.com *.recaptcha.net *.doubleclick.net *.g.doubleclick.net stats.g.doubleclick.net *.spotify.com *.google.nl data:; worker-src 'self' blob:; frame-src 'self' blob: *.google.com *.youtube.com *.youtube-nocookie.com;- strict-transport-security
max-age=15768000; includeSubDomains