indexo.dev

opdetoffel.nl

.nl crawl

First seen 2026-06-02 · Last seen 2026-06-02 · ok HTTP/1.1 200 728 ms crawled 2026-06-02

NL · 83.96.237.252 · AS35470 Signet B.V.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Zaterdag 13 juni 2026 - Op De Tôffel
Description
Op De Tôffel vindt plaats op het Vrijthof, een plein in het centrum van Vierlingsbeek.
Language
nl
Canonical
https://www.opdetoffel.nl/home/

Open Graph

url
https://www.opdetoffel.nl/home/
title
Zaterdag 13 juni 2026
video
https://www.youtube.com/watch?v=pl-VhuCMGsw
locale
nl_NL
site name
Op De Tôffel
description
Op De Tôffel vindt plaats op het Vrijthof, een plein in het centrum van Vierlingsbeek.

Technology

Server
nginx

Social

DNS records live

NS
  • ns1.cybox.nl
  • ns2.cybox.eu
MX
  • 10 mx.spamexperts.com
  • 20 fallbackmx.spamexperts.eu
  • 30 lastmx.spamexperts.net
Verified for
  • Google

Email authentication weak

SPF
v=spf1 include:_spf.cybox.email -all
strict (-all)
DMARC
not published
DKIM
  • k1: v=DKIM1; s=email; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ow2km0bvykgY0lnksxGx0MfFYNTwgm1t88GexlYE+YVj24cIzqavOgUcrGH4EulyKrAe…
selectors probed

Certificate (current)

R12
from 2026-04-28 to 2026-07-27
Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.opdetoffel.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com 'report-sample'; script-src 'nonce-17c398ab64774bacef2db2c2e0413d55' 'strict-dynamic' 'self' https: 'unsafe-inline' 'report-sample'; img-src 'self' data: i.ytimg.com i.vimeocdn.com www.googletagmanager.com https://*.google-analytics.com https://*.googletagmanager.com https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; frame-src 'self' www.youtube.com player.vimeo.com *.google.com; connect-src 'self' www.googletagmanager.com www.google.com https://*.analytics.google.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; base-uri 'self'; font-src 'self' fonts.gstatic.com; frame-ancestors 'self'; object-src 'none'; report-to csp-reports;
strict-transport-security
max-age=63072000; includeSubDomains

Links to (8)

Linked from (1)