de-vogel.nl

.nl crawl

First seen 2026-06-03 · Last seen 2026-06-03 · ok HTTP/1.1 200 765 ms crawled 2026-06-03

NL · 213.193.247.32 · AS15703 TrueFullstaq B.V.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

Homepage - Recreatiecentrum De Vogel

Language

Generator

Procurios

Translations

Open Graph

title: Homepage

Technology

jQuery: 2.2.4 known XSS (<3.5)

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (4)

lib.hmcms.nl×3
fonts.googleapis.com×2
static.holidayagent.nl×1
www.googletagmanager.com×1

Social

Contact

Email

info@de-vogel.nl

Phone

+31114681625

DNS records live

NS

ns1.holidaymedia.nl
ns2.holidaymedia.net
ns3.holidaymedia.nl
ns4.holidaymedia.eu

MX

10 infodatek-mx1.titanhq.com

Email authentication weak

SPF: v=spf1 a mx ip4:213.184.106.32 exists:%{ir}._spf.msdp1.com include:_spf.tommybookingsupport.com include:_spf.inboxify.nl include:_spf.laveto.nl a:host-o61u8h.cbn1.zeelandnet.nl -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-05-06 to 2026-08-04

Expires in 60 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.de-vogel.nl/en/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src *; img-src * data:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; base-uri 'self'; form-action *; frame-ancestors 'self'
strict-transport-security: max-age=31536000

Links to (7)

Linked from (1)

easybe.nl×1