indexo.dev

bst.nl

.nl crawl

First seen 2026-06-02 · Last seen 2026-06-04 · ok HTTP/1.1 200 458 ms crawled 2026-06-03

NL · 35.214.141.28 · AS43515 Google Ireland Limited

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
BST
Language
en-US
Generator
Site Kit by Google 1.180.0
Canonical
https://bst.nl/

Technology

Server
nginx
CMS
WordPress
jQuery
3.7.1
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • www.googletagmanager.com×3
  • gmpg.org×1
  • www.google.com×1

Social

Contact

Email
Phone

DNS records live

NS
  • ns1.shockmedia.nl
  • ns2.shockmedia.nl
  • ns3.shockmedia.nl
MX
  • 10 bst-nl.mail.protection.outlook.com
Verified for
  • Google

Email authentication partial

SPF
v=spf1 +a +mx +ip4:89.184.172.4 +ip4:46.243.156.19 +ip4:217.171.227.103 include:spf.protection.outlook.com include:spf.afas.online include:spf-de.emailsignatures365.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email;
policy: none (monitoring only)
DKIM
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ/vvmZKfQym/injJ5FHt9xUIow0Re6RqxvG0VIIpAcTg3qC+h4WELkEDMPtQLkLiOTYiLB3a0Y1rgPGnUbV…
selectors probed

Certificate (current)

R12
from 2026-05-03 to 2026-08-01
Expires in 56 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://bst.nl/

present
  • x-content-type-options
  • permissions-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
x-content-type-options
nosniff

Links to (6)

Linked from (2)