indexo.dev

dezwartedoos.nl

.nl crawl

First seen 2026-05-29 · Last seen 2026-05-29 · ok HTTP/1.1 200 436 ms crawled 2026-05-31

NL · 213.207.97.37 · AS9150 ML Consultancy

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Home | De Zwarte Doos
Description
De Zwarte Doos is dé locatie voor vergaderingen, lunchafspraken, presentaties, groepsdiners en borrels. Naast het restaurant met verschillende zithoeken beschikken we over een theaterzaal en diverse vergaderzalen
Language
nl

Technology

Server
nginx
Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts

Third-party hosts loaded (2)

  • use.typekit.net×2
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • ns0.transip.net
  • ns1.transip.nl
  • ns2.transip.eu
MX
  • 0 dezwartedoos-nl.mail.protection.outlook.com
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEuXZns1RquQ7zr2o+6/ZrFs2XXw6M5IcJtZ10i9v1/6yiw7uDWVAXMPsld8TeO75wbd6BkKcNZRqn…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA640lmnfns6Xw70NMAKCua1gZ9UnkHAxC2JW4IUdnYQrMCfPeIbKVE3xuG1n63cvhCTWJs5xPz+HP/P…
selectors probed

Certificate (current)

R12
from 2026-05-13 to 2026-08-11
Expires in 67 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://dezwartedoos.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • weak content type protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self' https:; font-src 'self' https: http: data:; img-src 'self' https: http: data: 'unsafe-inline'; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'; connect-src 'self' ws: wss: https: http://localhost:3035 ws://localhost:3035 ws://dev.lico.nl:3035
strict-transport-security
max-age=63072000; includeSubDomains, max-age=63072000; preload

Links to (4)

Linked from (1)