zorgstart.nl

HTML metadata

Technology

Server

nginx

CMS

WordPress 7.0

PHP

8.3.31 security-only

jQuery

3.7.1

Analytics

• Google Tag Manager

Cookie consent

• Cookiebot

Fonts

• Google Fonts

Social widgets

• YouTube Embed

Third-party hosts loaded (5)

• fonts.googleapis.com×3
• www.googletagmanager.com×2
• consent.cookiebot.com×1
• gmpg.org×1
• www.youtube.com×1

Social

• facebook
• instagram
• linkedin

DNS records live

NS

• georgia.ns.cloudflare.com
• hank.ns.cloudflare.com

MX

• 0 zorgstart-nl.mail.protection.outlook.com

TXT

• TcHL9ifn8JbAYDvJj4T4AWFGK9bOxoOm

Verified for

• Google
• Microsoft 365

Email authentication strong

SPF

v=spf1 a mx ip4:93.94.228.88 include:spf.mandrillapp.com include:spf.protection.outlook.com include:spf.hosting.nl -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:6724efd7d90e4f8db9b2ee650c7f49eb@dmarc-reports.cloudflare.net

policy: reject (enforced)

DKIM

• default: v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfNn7/bABpanteoorB5WKZz8UQYJGSBAXXn7FppCeU2GoD+oU4gqrao+gPuYSGAHn+ojkcbRWvbU0uqN7i3fJ0…
• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71KmVyHgLvyDXW8F5+BJUe5Q4vau1exVntM7bBzYKxwqoq27tvHZ939BPNlDdl5kP000lwFx8sEKjK…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://zorgstart.nl/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (4)

• wijzijnmeo.nl×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1

Linked from (3)

• sterkinjewerk.nl×1
• werkenbijlivio.nl×1
• werkenbijzorggroepsintmaarten.nl×1