waterlooplaza.be

HTML metadata

Technology

Server

Apache

PHP

8.2.31 security-only

jQuery

3.1.1 known XSS (<3.5)

Stack

PHP

Third-party hosts loaded (3)

• ajax.googleapis.com×2
• maxcdn.bootstrapcdn.com×1
• www.google.com×1

Social

• facebook
• instagram

Contact

Email

• webmaster@waterlooplaza.be
• waterloowebmaster@waterlooplaza.be

DNS records live

NS

• ns1.thservices.be
• ns2.thservices.be

MX

• 0 waterlooplaza.be

Email authentication weak

SPF

v=spf1 +a +mx +ip4:135.125.7.133 +ip4:217.182.89.62 +ip4:46.105.229.186 +ip4:141.94.110.97 +ip4:141.94.101.239 +ip4:141.94.150.99 +ip4:149.202.77.5 +ip4:148.251.88.125 +ip4:148.251.88.112 +ip4:46.105.104.36 +ip4:5.196.100.232 ~all

softfail (~all)

DMARC

not published

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD3j9VZHX4gKd8Joiydz1ahKfKFiz/0DaWQUIpoCjQu4pgEaEIdajyFEt726aXo6T65cgo9iMdkgeJ…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.waterlooplaza.be/

present

• strict-transport-security
• x-frame-options
• x-content-type-options

findings

• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (14)

• whatgalerie.be×1
• waterloosundayshopping.be×1
• waterloosmartgift.be×1
• ucclecity.be×1
• thservices.be×1
• passage-wellington.be×1
• orgabroc.org×1
• mazerinevillages.be×1
• mazerinevillage.be×1
• instagram.com×1
• google.com×1
• facebook.com×1
• brainelalleudcity.be×1
• acjbw.be×1

Linked from (2)

• brainelalleudcity.be×1
• groupe-r.be×1