kiwiconnect.nl

.nl crawl

First seen 2026-06-03 · Last seen 2026-06-03 · ok HTTP/1.1 200 440 ms crawled 2026-06-03

NL · 185.104.29.164 · AS206281 Stichting DIGI NL

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: KiwiConnect | Matching-first ATS voor recruitmentbureaus
Description: Eén ATS voor vacatures, cv's, talentpools en uitlegbare AI-matching. Gebouwd voor Nederlandse recruitmentbureaus, met data in Nederland.
Language: nl
Canonical: https://www.kiwiconnect.nl

Open Graph

url: https://www.kiwiconnect.nl
title: KiwiConnect | Matching-first ATS voor recruitmentbureaus
locale: nl_NL
site name: KiwiConnect
description: Eén ATS voor vacatures, cv's, talentpools en uitlegbare AI-matching. Gebouwd voor Nederlandse recruitmentbureaus, met data in Nederland.

Technology

Server: railway-hikari
CMS: Next.js

Social

Contact

Phone

868983615

Address

Wissinkbrinkweg 45, 7482 RJ, Haaksbergen, NL

DNS records live

NS

ns.zxcs.be
ns.zxcs.eu
ns.zxcs.nl

MX

0 kiwiconnect-nl.mail.protection.outlook.com

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none;

policy: none (monitoring only) · sp=none

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6UK6i8TMfI/MzFZZRDOJ3Av4Pv2Yd2PFyR/XyFHwAZuhIOEtFcn6Jttz2VgGomCBM4AIyNSiPUebR…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvhhlamrJ4PT3PlgPvuF6Lwx/C0mAHE450u5kHi139qeAJo2fjIx82dNNhGDGTWZhBj4bZUUI4pT70…

selectors probed

Certificate (current)

R13

from 2026-05-14 to 2026-08-12

Expires in 69 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.kiwiconnect.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://*.cal.com; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://*.cal.com https://t3.storageapi.dev; frame-src 'self' blob: https://www.google.com https://www.recaptcha.net https://*.cal.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none';
strict-transport-security: max-age=31536000; includeSubDomains

Links to (1)

linkedin.com×1

Linked from (1)

leadsprint.nl×1