verenigingenweb.nl
HTML metadata
Technology
- Server
- nginx
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
Third-party hosts loaded (2)
- use.typekit.net×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns1.genkgo.net
- ns2.genkgo.net
- ns3.genkgo.net
- MX
-
- 10 mx1.genkgo.net
- 50 mx2.genkgo.net
- TXT
-
ge-verification=bb59d1408da7edc2
Email authentication partial
- SPF
-
v=spf1 include:spf.genkgo.net -allstrict (-all) - DMARC
-
v=DMARC1; p=none; sp=nonepolicy: none (monitoring only) · sp=none - DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 67 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self'; child-src 'self' *.youtube.com https://static.genkgo.com https://genkgo.genkgo.app; connect-src 'self' *.google-analytics.com https://static.genkgo.com https://genkgo.genkgo.app; font-src 'self' *.typekit.net *.googletagmanager.com fonts.gstatic.com https://static.genkgo.com https://genkgo.genkgo.app 'unsafe-inline'; img-src 'self' https://* https://static.genkgo.com https://genkgo.genkgo.app data:; media-src 'self' https://static.genkgo.com https://genkgo.genkgo.app; script-src 'self' *.youtube.com *.google-analytics.com *.googletagmanager.com https://static.genkgo.com https://genkgo.genkgo.app 'unsafe-inline'; style-src 'self' *.typekit.net *.googletagmanager.com fonts.googleapis.com https://static.genkgo.com https://genkgo.genkgo.app 'unsafe-inline'; report-uri https://verenigingenweb.nl/f/error-report/report/csp; upgrade-insecure-requests- strict-transport-security
max-age=31536000; preload
Links to (2)
- github.com×1
- genkgo.com×1