vrh.nl
HTML metadata
Technology
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (6)
- cdn.jsdelivr.net×1
- cdnjs.cloudflare.com×1
- consent.cookiefirst.com×1
- f1-eu.readspeaker.com×1
- fonts.googleapis.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
Registration
- Registrar
- Realtime Register
- Created
- 1999-12-31
- Updated
- 2024-05-24
- Name servers
-
- be.ns.vip.nl
- dns.resolver.domains
- nl.ns.vip.nl
DNS records live
- NS
-
- be.ns.vip.nl
- dns.resolver.domains
- nl.ns.vip.nl
- MX
-
- 10 vrh-nl.mail.protection.outlook.com
- TXT
-
DomainVerification=MIHJ17PMRMIHJYV9F3VUBTUJS50EOXCMTY0W74OP9VCUXTZ7S2OYG68DVYWCTOO3ms=ms86466687
- Verified for
-
- Apple
- Microsoft
Email authentication strong
- SPF
-
v=spf1 ip4:194.151.85.23 ip4:35.204.119.241 include:_spf.axxerion.com include:spf.topdesk.net include:spf.otys.nl include:spf.protection.outlook.com include:mailgun.org include:spf.mailjet.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; pct=100; fo=1; ri=86400; sp=none; rua=mailto:e7c60fd4@dmarc.mailgun.org,mailto:309735bb@inbox.ondmarc.com,mailto:securitymelding@vrh.nl; ruf=mailto:e7c60fd4@dmarc.mailgun.org,mailto:309735bb@inbox.ondmarc.com;policy: reject (enforced) · sp=none - DKIM
-
Show 6 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97fj9yx3HxwTtfgI457LwIeBw8ZwOC8wxJ9GQbziSwqx0PcvW+w3lOm4gM927ykzkMVWKAYlpxwD20… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkrfe9lov1vYL31B7Rl/Q0rH81flta6JushwMKS+OdgJtC0Ct3eKjLAAU9dCqgehb/bY4IBuotqYNp… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRqPfO3VsHo2z9/Aov9NJSDqgfkwhep8NWWpi1XqcX3kNd7aHupQLaIFVIqIjCedqabSR/DzB/nPVPiPWgrVQN7Wy9yXL… - k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9difjKAVXCjW5AON0Dd69/R7YrcsqzUWMNl8Tgkw5n6h4hVy3yqppDq7CsbrXobiQ1+6tyhKmUncHhMK3R… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3yY2rEVxZhGIscAoAfY52eKxnBUxUA6IDS2XB4kZ4Z/v53fzFhrNqICKmxBe6cIcFRBjKWfndip2PClSs0DIpQy…
selectors probed - selector1:
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 12 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' snap.licdn.com connect.facebook.net cdn.jsdelivr.net *.googleapis.com *.cloudflare.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com *.scribit.pro *.youtube.com *.cookiefirst.com *.readspeaker.com; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com use.typekit.net cdn.jsdelivr.net p.typekit.net *.cookiefirst.com *.readspeaker.com; img-src 'self' *.ads.linkedin.com *.facebook.com *.gstatic.com *.googleapis.com *.google-analytics.com data: *.vrh.nl vrh.nl *.cookiefirst.com; media-src 'self' *.googleapis.com; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.google.com; frame-ancestors 'self' vrhintranet.nl *.vrhintranet.nl; child-src 'self' *.youtube-nocookie.com *.youtube.com; font-src 'self' themes.googleusercontent.com use.typekit.net fonts.gstatic.com data:; connect-src 'self' *.ads.linkedin.com *.google-analytics.com *.googleapis.com *.scribit.pro *.cookiefirst.com *.readsp- strict-transport-security
max-age=31536000; includeSubDomains