indexo.dev

eancodeboek.nl

.nl crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 410 ms crawled 2026-06-01

US · 104.18.27.149 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Eancodeboek
Language
en

Technology

CDN
Cloudflare
Fonts
  • Google Fonts

Third-party hosts loaded (1)

  • fonts.gstatic.com×1

DNS records live

NS
  • aarav.ns.cloudflare.com
  • wally.ns.cloudflare.com
MX
  • 100 mx1.xs4all.nl
  • 100 mx2.xs4all.nl
  • 100 mx3.xs4all.nl
  • 100 mx4.xs4all.nl
TXT
Show 5 TXT records
  • 8S8mXiCdni2N56INHOPo0nNLDpsnQB0OXKacFfqMbh0h45nIq4wAPehKiyJOTL3l
  • Dqag9SaaWB03UbriHRzcxjTfbmvNMeCNy8SxW6WKSRmJqIaYy755spXPLE6U9LYv
  • nwOJhan4lCbyVjagZH3PywP5od2f7blWh0OTVFQDf9MaQvXnDtlvVTYLIPZnmIZC
  • 5ecd6be8-5ea4-453f-943c-f1705c8b26a0
  • 5rNWQHRmucEkls3IPGgXyPFO40cj5a7Bod8UiLAIbY0YOwf9j0uap918A1gURXXS

Email authentication weak

SPF
not published
DMARC
v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email; ruf=mailto:dmarc@edsn.nl
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-05-02 to 2026-08-01
Expires in 56 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://eancodeboek.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
no-referrer
x-frame-options
deny
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),layout-animations=(self),legacy-image-formats=(self),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; block-all-mixed-content
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin

Linked from (2)