indexo.dev

airmiles.nl

.nl crawl

First seen 2026-05-24 · Last seen 2026-05-29 · ok HTTP/1.1 200 3096 ms crawled 2026-05-29

NL · 20.103.149.218 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Air Miles
Language
nl

Open Graph

title
Air Miles
site name
Air Miles

Technology

CDN
Azure Front Door

Registration

Registrar
Registrar.eu
Created
1997-03-20
Updated
2025-07-04
Name servers
  • nsplus6.2is.be
  • nsplus7.2is.eu
  • nsplus5.2is.nl

DNS records live

NS
  • nsplus5.2is.nl
  • nsplus6.2is.be
  • nsplus7.2is.eu
MX
  • 0 airmiles-nl.p-v1.mx.microsoft
TXT
  • airmiles.nl
Verified for
  • Apple
  • DocuSign
  • Google
  • Meta
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:spf.topdesk.net include:sendgrid.net include:spf.afas.online -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:postmaster@airmiles.nl; adkim=s; aspf=s;
policy: reject (enforced)
DKIM
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCZ5UG3qNN8LhdQOPmgPNlr0n9sL92QaHJ9FytRFkN1Vea4hEFmpAyF0o3lTnmDBogMFR6H+jUGqOa5h6tvsH…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK+/iNyRh6jMoV9x6lRhU12Z3mOjdZP8CLxAkf1dCAU8rABBm47QMuEKF7emtplt7VlNmDryKQt/9cEol/…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbq8uGbLkLeu5FzqDCbbcihSi/qJ0sh0m6SrMFPon1Pg3XDXRGPs7XkRtJ0z73oW56IneP6FOi0bEGTg5c5yXXvt…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-05-07 to 2026-11-22
Expires in 174 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.airmiles.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
origin
x-frame-options
DENY
permissions-policy
autoplay=(), camera=(), fullscreen=(), geolocation=(), microphone=(self "https://app.talkjs.com"), midi=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
frame-src 'self' www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ www.googletagmanager.com tracking.airmiles.nl *.doubleclick.net vars.hotjar.com www.youtube.com www.booking.com air-miles.leadfamly.com campaign-zone-1.api.leadfamly.com app.talkjs.com *.visualwebsiteoptimizer.com app.vwo.com air-miles.campaign.playable.com form.typeform.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.talkjs.com *.visualwebsiteoptimizer.com app.vwo.com air-miles.campaign.playable.com s3.amazonaws.com www.gstatic.com; font-src 'self' script.hotjar.com fonts.gstatic.com air-miles.campaign.playable.com; img-src 'self' *.airmiles.nl *.airmilesshop.nl *.jibecompany.com media.umbraco.io www.googletagmanager.com www.google-analytics.com www.google.com www.google.nl *.googlesyndication.com *.doubleclick.net s3-eu-west-1.amazonaws.com cdn.talkjs.com script.hotjar.com www.facebook.com cook.shortest-route.com *.visualwebsiteoptimizer.com app.vwo.com files.cdn.leadfamly.com chart.googleapis.c
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (3)