indexo.dev

netwerkzorg.nl

.nl crawl

First seen 2026-06-04 · Last seen 2026-06-04 · ok HTTP/1.1 200 260 ms crawled 2026-06-04

NL · 87.253.157.25 · AS20857 Signet B.V.

Reputation 69/100 wrong cert dmarc monitor-only

Classifying

HTML metadata

Title
Zorgnetwerk Nederland

Technology

CDN
Cloudflare
CMS
Gatsby
jQuery
1.4.2 known XSS (<3.5)
Analytics
  • Google Tag Manager

Third-party hosts loaded (5)

  • builder-assets.unbounce.com×3
  • ajax.googleapis.com×1
  • b618b57c57264e00af5510dcc117c7f1.js.ubembed.com×1
  • secure.foodinspiration.nl×1
  • www.googletagmanager.com×1

Social

Contact

Email

DNS records live

NS
  • auth01.dns.trueserver.nl
  • auth02.dns.trueserver.nl
  • auth03.dns.trueserver.nl
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:_spf.mijnwefact.nl include:_spf.google.com include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ip4:93.119.1.117 ip4:149.210.229.180 ip4:37.97.230.110 -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fM6xN376Gkic8hyYbKyyO8lAwAvpxYby/oQnfRHvRMwjjD+cXSm3fxxI6Tjz1t/DJ40m3+WEmWEWvli6P…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfBq13K1vXEy8ScOFo00ltbLgpCct864iNa93tXzadyArkdkSO3tEst+LcqT3Su8ywujQ4WYpFR4lRWIhdUOnzSR…
selectors probed

Certificate (current) wrong cert

Plesk
from 2025-06-22 to 2026-06-22
Expires in 17 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.netwerkzorg.nl/

present
  • content-security-policy
  • x-content-type-options
  • referrer-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'

Links to (23)

Linked from (2)