indexo.dev

bestkeptsecret.nl

.nl crawl

First seen 2026-05-11 · Last seen 2026-05-17 · ok HTTP/1.1 200 9805 ms crawled 2026-05-17

DE · 3.66.59.4 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Best Kept Secret Festival 2026 • Best Kept Secret • JUNE 12-13-14
Language
en
Canonical
https://www.bestkeptsecret.nl/
Translations
  • en

Open Graph

title
Best Kept Secret Festival 2026

Technology

Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts

Third-party hosts loaded (3)

  • flackr.github.io×1
  • use.typekit.net×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • yahir.ns.cloudflare.com
  • zainab.ns.cloudflare.com
MX
  • 10 mx.mailprotect.be
  • 50 mx.backup.mailprotect.be
Verified for
  • Brevo
  • Meta

Email authentication partial

SPF
v=spf1 include:_spf.spotler.email include:mail.zendesk.com include:_spf.relay.mailprotect.be -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

Amazon RSA 2048 M04
from 2025-08-04 to 2026-09-03
Expires in 105 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.bestkeptsecret.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src data: 'self' https://placeholder.inventis.be https://*.ytimg.com https://*.youtube.com https://*.youtu.be https://*.vimeo.com https://youtube.com https://youtu.be https://*.youtube-nocookie.com https://vimeo.com https://*.vimeo.com https://*.vimeocdn.com https://*.spotify.com https://*.tiktok.com https://*.snapchat.com https://*.facebook.com https://*.facebook.net https://*.typekit.net https://*.google.be https://*.google.nl https://*.google.com https://*.googletagmanager.com https://*.analytics.google.com https://*.doubleclick.net https://m16.mailplus.nl https://flackr.github.io https://*.google-analytics.com https://region1.google-analytics.com https://mpc2-prod-1-is5qnl632q-uc.a.run.app https://demo-1.conversionsapigateway.com https://squeezely.tech https://*.squeezely.tech https://*.googlesyndication.com https://*.brevo.com/; block-all-mixed-content; object-src 'none'; script-src 'self' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' 'nonce-FIUzQvAEQzZQv9chB9Gd0Q=='; sty
strict-transport-security
max-age=2592000

Links to (7)

Linked from (1)