vandersanden.com

HTML metadata

Title

Together we build greatness | Vandersanden

Description

If you are looking for a wide range of facing bricks, facade systems, brick slips, and fired bricks, you have come to the right place.

Language

en

Generator

Drupal 11 (https://www.drupal.org)

Canonical

https://www.vandersanden.com/en

Translations

de-de
en
en-gb
fr-be
fr-fr
nl-be
nl-nl
pl-pl
ru-ru
tr-tr

Open Graph

title: Together we build greatness
description: If you are looking for a wide range of facing bricks, facade systems, brick slips, and fired bricks, you have come to the right place.

Technology

CMS: Drupal

Analytics

Google Analytics

Ads

Meta Pixel

Social widgets

YouTube Embed

Third-party hosts loaded (7)

www.youtube.com×5
connect.facebook.net×2
s7.addthis.com×2
www.google-analytics.com×2
cdn-eu.pagesense.io×1
maps.googleapis.com×1
www.google.com×1

Social

Contact

Email

Phone

Registration

Registrar

Key-Systems GmbH

Created

2000-06-29

Expires

2026-06-29 41 days left

Updated

2025-11-29

Name servers

dns1.level27.eu
dns2.level27.eu
dns3.level27.net

DNS records live

NS

dns1.level27.eu
dns2.level27.eu
dns3.level27.net

MX

5 vandersanden-com.mail.protection.outlook.com

TXT

atlassian-domain-verification=jSTIwoI7FSXhV0FfrSYTAqWrPVH0AgNMtkxvJZHN9cGcslXJVyOV3oO1HbXOEuvI
google-site-verification=aMRNLspy3YDnuo9e0OFaWVdaD273Q2duGB0evV7fNbE
YSeSg+PTIZkU2PEB5pVRgLRT8G57x1TmiP2KyAnntnjNJIiyjJG2KPBFpHyQ+4Nix0G86TNL1RDIP229syRPSg==

Email authentication strong

SPF

v=spf1 mx include:spf2.vandersanden.com include:spf.protection.outlook.com include:spf.exclaimer.net include:spf.afas.online include:sendgrid.net include:_spf.salesforce.com -all

strict (-all)

DMARC

v=DMARC1;p=quarantine;pct=100;rua=mailto:39ac9de781@rua.easydmarc.eu,mailto:dmarc@vandersanden.com;ruf=mailto:39ac9de781@ruf.easydmarc.eu,mailto:dmarc@vandersanden.com;ri=86400;fo=1;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe7dtrE0EVNs7nZvEuBn83nYiyf8A/hymURreE9nCyjLTcQEczQjh21pRwhZImFRJAa9JUhz+MJ51s83/MWk…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1NpX7rPjvjMnvPYKKA5EdsDoWi1YU9zJGDcWSB5qgAn9AG3DDXUW+cFBmeyWt+BnaTDJskzS4N/a7…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…

selectors probed

Certificate (current)

R12

from 2026-05-07 to 2026-08-05

Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.vandersanden.com/en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.addthis.com *.addthisedge.com *.google.com *.googleadservices.com *.moatads.com *.pinterest.com *.vandersanden.com *.ytimg.com *.youtube.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.cloudflare.com *.gstatic.com *.googleoptimize.com *.licdn.com *.g.doubleclick.net *.googleadservices.com *.pinimg.com *.facebook.net *.facebook.com *.wisepops.com *.fedjuh.com https://geoip-js.com *.cookiebot.com *.windows.net *.polyfill.io *.cloudfront.net *.piwikpro.com *.livechatinc.com *.bing.com *.pardot.com *.getwisp.co *.wisepops.net *.jsdelivr.net *.linkedin.oribi.io *.demio.com *.zohocdn.com *.zoho.eu *.unpkg.com *.vdstest.be https://unpkg.com *.addtoany.com *.pagesense.io https://wisepops.net *.hotjar.com data: *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.
strict-transport-security: max-age=10000, max-age=63072000;includeSubDomains