wereldvakantiehuis.nl

HTML metadata

Technology

Server

nginx

PHP

7.4.33 end of life

jQuery

1.11.2 known XSS (<3.5)

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (6)

• ajax.googleapis.com×2
• fonts.googleapis.com×2
• www.googletagmanager.com×2
• fonts.gstatic.com×1
• www.facebook.com×1
• www.wereldvakantiehuis.be×1

Social

• facebook
• twitter
• instagram

DNS records live

NS

• ns10.networkoperations.nl
• ns11.networkoperations.nl

MX

• 0 wereldvakantiehuis-nl.mail.protection.outlook.com

Verified for

• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 a mx include:_spf.beslotendeel.nl include:spf.protection.outlook.com include:eu.mailgun.org -all

strict (-all)

DMARC

v=DMARC1; p=none

policy: none (monitoring only)

DKIM

• default: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvi9JDHc2KBHp+DVBMHO76yG4gtyEf+e8xQ1l6WTvjbLjKwEMoO3sk1wFm7rKsVHpa/gVWQ6AuFnYUU3NYmpL…
• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaC4R0wj96JXcx6kvRyioP6HfeC28GnJKGLq1zwXjHSK3QMJU3IXTorw+sky/jWSq9IWEYvPxeKzQ70GMHHeTffbkH6G6…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.wereldvakantiehuis.nl/

present

• x-frame-options
• x-content-type-options
• referrer-policy

findings

• missing HSTS
• missing Content Security Policy
• missing Permissions Policy

Links to (3)

• twitter.com×1
• instagram.com×1
• facebook.com×1

Linked from (2)

• wereldvakantiehuis.be×1
• holland-vakantiehuis.nl×1