indexo.dev

dynhus.nl

.nl crawl

First seen 2026-06-03 · Last seen 2026-06-03 · ok HTTP/1.1 200 284 ms crawled 2026-06-04

NL · 40.68.188.93 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Home | Dynhus
Description
Website
Language
nl

Technology

jQuery
3.6.0
Stack
ASP.NET
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • cdn-eu.readspeaker.com×1
  • fonts.googleapis.com×1

Social

Contact

Phone

DNS records live

NS
  • nsauth1.bit.nl
  • nsauth2.bit.nl
  • nsauth3.bit.org
MX
  • 0 dynhus-nl.mail.protection.outlook.com
TXT
  • PN0W46e3kGYGUuL0N29kR76FkLYXtNpiEVuLZnrybB0=
  • _43l811ood0v1fyj1505srg8hdmljrzd
Verified for
  • Google
  • Microsoft 365

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:_spf.itris.net include:spf.datab.nl include:spf.by-tres.nl ip4:185.150.157.75 ip4:167.89.100.227 ip4:193.75.92.155 ip4:193.75.92.156 include:spf.email.postex.com include:amazonses.com -all
strict (-all)
DMARC
not published
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp8odcbL9SOt3uYH8vUrnmFB6ynSYyfVkPNXeoalO6u/K0zICbRWBIE8RVkNyzltfIpK4UtuUcuASeOne1YS…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGYlcu9nk5G0jMsto3WUcc23Z8g16uKkKNN1m1nh+kHcZ5r+BgP8sGQ8kH/lbD2QL6KYNmHE1xG5jR…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP3s/ClpoRIfn0duRrhhMSD/RxKRT6VnR/E0k+EyR9VX6AAliQ9NbV6Tk7LrBzvV9LqYldiAOpNMYb8Ukq…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA82kgv79KVuhrgvB9Fkp5vxGwsHLouvUZOFPX6N6Yz4F0l1nBPUXUlGqct9O12ybi/OarhmZrUj/zz9p4kLAs+Q…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-01-04 to 2027-01-27
Expires in 236 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://dynhus.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin
permissions-policy
camera=(self), geolocation=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'self' 'nonce-F3nxUL9cwNSmjjseZNdx6xEv4lXbR7AQt4sPJIQbKA8=' https://dynhusapi.oozon.nl; script-src 'strict-dynamic' 'nonce-F3nxUL9cwNSmjjseZNdx6xEv4lXbR7AQt4sPJIQbKA8=' 'unsafe-inline' http: https: 'self' https://*.tolkie.nl; style-src * 'unsafe-inline' https://*.googleapis.com https://*.tolkie.nl; style-src-elem * 'unsafe-inline' https://*.googleapis.com; img-src * data: blob: https://*.tolkie.nl; font-src * data:; frame-ancestors 'self'; frame-src 'self' data: blob: https://*.blob.core.windows.net https://*.doubleclick.net https://*.googletagmanager.com https://*.google.com https://*.readspeaker.com https://*.tolkie.nl https://*.youtube.com https://player.vimeo.com; connect-src 'self' 'nonce-F3nxUL9cwNSmjjseZNdx6xEv4lXbR7AQt4sPJIQbKA8=' https://dynhusapi.oozon.nl https://dynhus.oozon.nl data: https://*.bing.com https://*.clarity.ms https://dc.services.visualstudio.com/v2/track https://*.google-analytics.com https://*.googlesyndication.com https://*.g.doub
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (3)

Linked from (1)