indexo.dev

workingatdorc.com

.com crawl

First seen 2026-04-18 · Last seen 2026-05-15 · ok HTTP/1.1 200 8530 ms crawled 2026-05-12

NL · 37.203.60.2 · AS39637 ADES BV

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Working for DORC, so that others can see again | Working at D.O.R.C.
Description
Do you want to do work that matters? Then working for DORC is just the ticket for you! Together we enable people from all over the world to see again
Canonical
https://www.workingatdorc.com/

Open Graph

url
https://www.workingatdorc.com/
title
Working at D.O.R.C.
description
Are you enterprising, professional, involved, refreshing and ready for a new challenge?

Technology

CMS
Ghost
Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts
Social widgets
  • YouTube Embed

Third-party hosts loaded (4)

  • use.typekit.net×1
  • www.google.com×1
  • www.googletagmanager.com×1
  • www.youtube.com×1

Social

Contact

Phone

Registration

Registrar
Key-Systems GmbH
Created
2022-05-23
Expires
2026-05-23 3 days left
Updated
2025-12-01
Name servers
  • ns0.transip.net
  • ns1.transip.nl
  • ns2.transip.eu

DNS records live

NS
  • ns0.transip.net
  • ns1.transip.nl
  • ns2.transip.eu
MX
  • 10 workingatdorc.com

Email authentication partial

SPF
v=spf1 ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-01-06 to 2027-02-06
Expires in 262 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.workingatdorc.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; img-src https: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.botframework.com 'self' blob: 'self' data: 'self'; worker-src blob: 'self'; script-src https: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.botframework.com 'unsafe-inline' 'unsafe-eval' 'self'; frame-src https: https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'self'; frame-ancestors https: 'self'; font-src https: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.botframework.com 'self' data: 'self'; connect-src https: http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com wss://*.botframework.com;
strict-transport-security
max-age=63072000; includeSubdomains;

Links to (6)

Linked from (2)