vermeulenzevenaar.nl

HTML metadata

Technology

Server

Microsoft-IIS

CMS

Ghost

Analytics

• Google Tag Manager

Social widgets

• YouTube Embed

Third-party hosts loaded (2)

• www.youtube.com×2
• www.googletagmanager.com×1

Social

• facebook
• linkedin
• youtube

Contact

Phone

• 0316523142

DNS records live

NS

• ns01.hostnet.nl
• ns02.hostnet.nl

MX

• 0 vermeulenzevenaar-nl.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication strong

SPF

v=spf1 mx a include:spf.protection.outlook.com ip4:37.97.254.27 ip4:20.107.55.245 ip4:64.23.99.146 ip4:5.34.238.103 -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; pct=100; fo=1

policy: quarantine

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC06wjcTwD3i4kmHwXRptKgGJtAIChvpAyCwVsuiNfZEryWbZk2bJRFUoL/McD7TM5zMewQbofj3Qo2Jy5Dep…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumJO3AmlpmmOoAliBRvGgKHdUPIUEjtSO3ny0fp0zKWevElpczozK+pLY3809jqldFgyEHWQtyz7WY…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://vermeulenzevenaar.nl/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• weak frame protection

Links to (4)

• youtube.com×1
• nopcommerce.com×1
• linkedin.com×1
• facebook.com×1

Linked from (2)

• wessam.nl×1
• berghinhetzadel.nl×1