traverswelzijn.nl

HTML metadata

Technology

Server

Apache

CMS

WordPress

jQuery

1.11.3 known XSS (<3.5)

Fonts

• Adobe Fonts

Third-party hosts loaded (2)

• ajax.googleapis.com×2
• use.typekit.net×2

Social

• facebook
• twitter
• linkedin
• instagram

Registration

Registrar

Xcellerate

Created

2009-07-03

Updated

2019-02-22

Name servers

• ns3.xcellerate.nl
• ns2.xcellerate.nl
• ns1.xcellerate.net

DNS records live

NS

• ns1.xcellerate.net
• ns2.xcellerate.nl
• ns3.xcellerate.nl

MX

• 10 mail.xcellerate.nl

Verified for

• Google
• Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.xcellerate.net a:mail.travers.nl a:web01.impres.nl a:web02.impres.nl include:_spf.shockmedia.nl ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; sp=reject;

policy: quarantine · sp=reject

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqGZFxeYnArFWYr4txhtB+iYz9umpXjAbaNn6IvpO/7HJuraBAwZLNX6stKjxkN2oKUOrh0tvNuI0j…
• dkim: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnMiT9T3KjZt0/FLRp/D9HWy/Hhm/aLUWajQfl7s9UH2wIvGPT5sDzvms68LqlFSboFU1ml6qUUCM1+PDL1v…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://traverswelzijn.nl/

present

• content-security-policy

findings

• missing HSTS
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (10)

• zwolledoet.nl×1
• twitter.com×1
• travers.nl×1
• samenzwolle.nl×1
• linkedin.com×1
• instagram.com×1
• hetwerktsociaal.nl×1
• hedon-zwolle.nl×1
• facebook.com×1
• doomijn.nl×1