indexo.dev

museon-omniversum.nl

.nl crawl

First seen 2026-05-27 · Last seen 2026-06-03 · ok HTTP/1.1 200 1426 ms crawled 2026-05-30

NL · 85.10.129.232 · AS20857 Signet B.V.

Reputation 100/100

Classifying

HTML metadata

Title
Home | Museon-Omniversum
Language
nl-NL
Canonical
https://www.museon-omniversum.nl/home
Translations
  • en
  • nl

Technology

Analytics
  • Google Tag Manager
Social widgets
  • Vimeo Embed
  • YouTube Embed
Third-party hosts loaded (10)
  • www.youtube-nocookie.com×2
  • cdn.jsdelivr.net×1
  • f.vimeocdn.com×1
  • i.vimeocdn.com×1
  • i.ytimg.com×1
  • i9.ytimg.com×1
  • player.vimeo.com×1
  • s.ytimg.com×1
  • www.googletagmanager.com×1
  • www.youtube.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.dn-s.nl
  • ns2.dn-s.nl
  • ns3.dn-s.nl
  • ns4.dn-s.nl
MX
  • 10 museonomniversum-nl01e.mail.protection.outlook.com
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 ip4:77.60.188.241/29 include:email.activetickets.com include:spf.protection.outlook.com include:_spf.exsilia.net ip4:109.70.3.65 a:smtp1.service.bocenter.nl -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; sp=quarantine; rua=mailto:dmarc@museon-omniversum.nl; ruf=mailto:dmarc@museon-omniversum.nl; rf=afrf; pct=100; ri=86400
policy: quarantine · sp=quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPLjmYjdu+xaq/S5zL9wtDweUXH0yJtyJCOMihfb94cgZIMQfTb0fkj3hK/JQIUgGEceS9KEDTZfDl…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOyB7mN+ZYOwSqRE7EYlx054Xj1JDH8U9islQC/hOAwzCPOVLJCbrqkUIEOx0QQpGxGaQXonSm1ClVhgFV…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgwCst6kBpjfbTUkHgHzCQx0l1stnPzAnVmKIBrUvWJ3YxOobFdWnCfpGdbxax+dkc2X/c7oO4iWyCaKJ4eL8qj2…
selectors probed

Certificate (current)

R13
from 2026-05-07 to 2026-08-05
Expires in 63 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.museon-omniversum.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
autoplay=(*), geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(*), payment=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: wss://ws.inspectlet.com https://snap.licdn.com https://px.ads.linkedin.com https://ad.doubleclick.net https://app.varify.io https://editor.varify.io https://ip.varify.dev https://*.hsappstatic.net https://*.inspectlet.com https://*.billypx.com https://*.tiktokw.us https://*.tiktok.com https://*.billygrace.com https://api.elmah.io https://*.cookie-script.com https://*.varify.io https://*.googlesyndication.com https://*.hubspot.com https://*.hs-banner.com https://*.hs-analytics.net https://*.hscollectedforms.net https://*.hsforms.com https://*.hs-scripts.com https://*.usemessages.com https://*.clarity.ms https://cdn.cookie-script.com https://*.usercentrics.eu https://*.museon-omniversum.nl https://museon-omniversum.nl https://museon-omniversum.nl:* https://cdn.jsdelivr.net https://*.youtube.com https://*.youtube-nocookie.com https://*.ytimg.com https://*.vimeocdn.com https://*.vimeo.com https://vumbnail.com https://*.hotjar.io https:
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (2)