vaillant.nl

HTML metadata

Technology

CMS

Next.js

JS framework

Next.js

Third-party hosts loaded (4)

• cdn.consentmanager.net×2
• c.delivery.consentmanager.net×1
• cdn.optimizely.com×1
• logx.optimizely.com×1

Social

• youtube
• linkedin
• facebook

DNS records live

NS

• a.prim-ns.de
• a.sec-ns.net
• c.sec-ns.de
• m.sec-ns.de
• n.sec-ns.net

MX

• 10 vaillant-nl.mail.protection.outlook.com

TXT

• 9rY5iHz4DYd81iYrtfAKHXR6PBWoJgwXSO5U4bEcLYgRCe5XCq+4JCBe7/9eXpddoCUw801FPG8yDtg8Rtze4g==
• 7p494wyh5tm06kz91gg9x6k8nfn5r0t2
• _8jcmbcnwdwe6x86x7nmdlmn2wzqplln

Verified for

• Brevo
• GlobalSign
• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 mx ip4:57.66.132.25 ip4:57.66.132.26 ip4:57.66.132.12 ip4:57.66.211.122 ip4:57.66.211.126 ip4:57.66.211.130 ip4:57.66.211.134 include:spf.mandrillapp.com include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com

policy: none (monitoring only)

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.vaillant.nl

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP uses wildcard sources

Links to (6)

• facebook.com×1
• google.com×1
• linkedin.com×1
• myvaillantpro.nl×1
• vaillant-group.com×1
• youtube.com×1

Linked from (4)

• ventasol.nl×1
• awb.nl×1
• zetmop60.nl×1
• ew-installatietechniek.nl×1