werkenbijkorian.nl
werkenbijkorian.nl
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
Third-party hosts loaded (3)
- consent.cookiefirst.com×1
- use.typekit.net×1
- www.googletagmanager.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns0.transip.net
- ns1.transip.nl
- ns2.transip.eu
- MX
-
- 10 mx1.nowonline.nl
Email authentication weak
- SPF
-
v=spf1 include:_spf.nowonline.nl ?allneutral (?all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 254 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; img-src https: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.botframework.com 'self' blob: 'self' data: 'self'; worker-src blob: 'self'; script-src https: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.botframework.com 'unsafe-inline' 'unsafe-eval' 'self'; frame-src https: https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'self'; frame-ancestors https: 'self'; font-src https: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.botframework.com 'self' data: 'self'; connect-src https: http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com wss://*.botframework.com;- strict-transport-security
max-age=63072000; includeSubdomains;
Links to (7)
- youtube.com×1
- tiktok.com×1
- linkedin.com×1
- korian.nl×1
- instagram.com×1
- idw.nl×1
- facebook.com×1
Linked from (2)
- korian.nl×1
- rosorum.nl×1