indexo.dev

bioscoopbon.nl

.nl crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 903 ms crawled 2026-06-02

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Nationale Bioscoopbon | Het Leukste Cadeau In Het Donker
Description
Geef de Nationale Bioscoopbon cadeau. Kies digitaal of fysiek, direct geleverd of per post. Inwisselbaar bij bioscopen en filmtheaters in heel Nederland.
Language
nl-NL

Open Graph

title
Nationale Bioscoopbon | Het Leukste Cadeau In Het Donker
description
Geef de Nationale Bioscoopbon cadeau. Kies digitaal of fysiek, direct geleverd of per post. Inwisselbaar bij bioscopen en filmtheaters in heel Nederland.

Technology

CDN
Vercel
CMS
Next.js

Third-party hosts loaded (2)

  • nationale-bioscoopbon.stream.prepr.io×86
  • chatwidget-prod.web.app×1

DNS records live

NS
  • ns1.vevida.net
  • ns2.vevida.net
  • ns3.vevida.com
MX
  • 10 bioscoopbon-nl.mail.eo.outlook.com
Verified for
  • Google

Email authentication partial

SPF
v=spf1 a mx include:outlook.com ip4:83.149.86.160/27 ip4:83.149.121.128/26 include:authsmtp.com include:emsd1.com include:spf.vevida.com ~all
softfail (~all)
DMARC
v=DMARC1;p=none;
policy: none (monitoring only)
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoDPluue33FgmiF+ABIPrCV3AjrN76ZdGf75ES32VfNO8ueMC2Q5sQofRryjpxlDGf2NuQco7wUU6VGWzc8Y…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpto5hEioxbRawpAjz69VVQTL79+FBThu9CxaRZUnqyo58RFx/Yc4LEuL8f7NwlncDDvlk8tD+E+/LrYCtYC…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O9t/8k87rRyxeNSS9Pot+YAvhfIyMojmmC4B9U8YX2OeNU47mRccqmxzH6chWY18K6Z3pPpTxpAgcZ0Ef…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O9t/8k87rRyxeNSS9Pot+YAvhfIyMojmmC4B9U8YX2OeNU47mRccqmxzH6chWY18K6Z3pPpTxpAgcZ0Ef…
selectors probed

Certificate (current)

R12
from 2026-04-29 to 2026-07-28
Expires in 55 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.bioscoopbon.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=(), microphone=(), geolocation=(), payment=(), usb=(), interest-cohort=()
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://tracking.bioscoopbon.nl https://consent.cookiebot.com https://consentcdn.cookiebot.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com https://pagead2.googlesyndication.com https://*.hotjar.com https://*.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://cdn.tracking.prepr.io https://tracking.prepr.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://chatwidget-prod.web.app https://connect.facebook.net ; frame-src https://consent.cookiebot.com https://consentcdn.cookiebot.com https://www.google.com https://www.googletagmanager.com https://tracking.bioscoopbon.nl https://td.doubleclick.net https://chatwidget-prod.web.app https://www.facebook.com ; frame-ancestors https://*.prepr.io ; img-src 'self' blob: data: https://imgsct.cookiebot.com https://*.google-analytics.com https://*.googletagmanager.com https:
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Linked from (1)