museumdezwartetulp.nl

.nl crawl

First seen 2026-05-27 · Last seen 2026-06-02 · ok HTTP/1.1 200 3688 ms crawled 2026-05-30

NL · 185.37.71.44 · AS48635 Your Hosting B.V.

Reputation 87/100 weak security headers no dmarc policy

Classifying

HTML metadata

Title

Museum de Zwarte Tulp – Hét museum over de bloembollencultuur

Language

nl-NL

Generator

WordPress 6.9.4

Canonical

https://museumdezwartetulp.nl/

Feeds

Technology

Server: nginx
CMS: WordPress 6.9.4
jQuery: 3.7.1
Stack: PHP

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (2)

fonts.googleapis.com×3
www.googletagmanager.com×1

Social

DNS records live

NS

ns-t.dns.yourhosting.eu
ns-v.dns.yourhosting.nl
ns-x.dns.yourhosting.nu

MX

0 museumdezwartetulp-nl.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication weak

SPF

v=spf1 include:_spf.yourfilter.nl include:spf.protection.outlook.com include:spf.routit.net ip4:46.44.184.52 ip4:93.94.226.227 -all

strict (-all)

DMARC

not published

DKIM

default: v=DKIM1; g=*; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQnwxSD1DY5pVk8GW/2uq/FUPXHMkod5T6LdNS9b4LulC6dOqdh8TkDP6wjBwSWMSI8M/acSg…

selectors probed

Certificate (current)

R12

from 2026-05-14 to 2026-08-12

Expires in 69 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://museumdezwartetulp.nl/

present

permissions-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (4)

Linked from (2)

webdroids.nl×1
bestlinkstoholland.com×1