indexo.dev

nvz-kennisnet.nl

.nl crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 3572 ms crawled 2026-06-01

NL · 87.233.203.230 · AS15703 TrueFullstaq B.V.

Reputation 100/100

Classifying

HTML metadata

Title
Home | NVZ-Kennisnet
Language
nl
Feeds

Open Graph

url
https://www.nvz-kennisnet.nl/
title
NVZ-Kennisnet

Technology

Server
nginx
jQuery
4.0.0
Stack
PHP
Fonts
  • Google Fonts

Third-party hosts loaded (1)

  • fonts.googleapis.com×1

Social

DNS records live

NS
  • ns01.hostnet.nl
  • ns02.hostnet.nl
Verified for
  • Brevo

Email authentication no MX

SPF
v=spf1 include:_spf.hostnet.nl ip4:87.233.83.41 ip6:2001:9a8:0:86::41 include:spf_servers.yard.nl include:spf_cluster.yard.nl ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
  • mail: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwx5LixYvWcTBmfWZwuSSqVQIwGYqi3k5aMrBRIRF+Bi1aqvSSgyg9v8MbIUlfAnXKSLk…
selectors probed

Certificate (current)

R12
from 2026-05-13 to 2026-08-11
Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.nvz-kennisnet.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), encrypted-media=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(), usb=(), wake-lock=(), screen-wake-lock=(), web-share=(), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' static.mailplus.nl m2.mailplus.nl maps.googleapis.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com platform.twitter.com https://www.recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com/jsapi https://www.gstatic.com/charts/ js.livenet; object-src 'self' youtube.com www.youtube.com youtube-nocookie.com www.youtube-nocookie.com vimeo.com player.vimeo.com video.vu.nl cloud.reflexappointment.nl; style-src 'self' 'unsafe-inline' static.mailplus.nl fonts.googleapis.com https://www.gstatic.com/charts/; img-src 'self' blob: data: images.unsplash.com maps.gstatic.com *.googleapis.com *.ggpht *.google-analytics.com *.analytics.google.com www.googletagmanager.com; media-src 'self'; frame-src 'self' youtube.com www.youtube.com youtube-nocookie.com www.youtube-nocookie.com docs.google.com vimeo.com player.vimeo.com video.vu.nl cloud.reflexappointment.
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (4)

Linked from (1)