theoneemtover.nl — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Uw bedrijf verkopen met de juiste opvolging – THEO Bedrijfsovernamefonds
Description: Wilt u uw bedrijf verkopen of opvolging regelen voor uw opleidings- of exameninstituut? THEO neemt over met respect voor uw nalatenschap en versnelt de groei met AI.
Language: nl
Canonical: https://www.theoneemtover.nl/

Open Graph

url: https://www.theoneemtover.nl/
title: Uw bedrijf verkopen met de juiste opvolging – THEO Bedrijfsovernamefonds
locale: nl_NL
site name: THEO Bedrijfsovernamefonds
description: Uw bedrijf verkopen met zekerheid. Continuïteit borgen, identiteit behouden, groei versnellen met AI.

Technology

CDN: Netlify

Contact

Email

Phone

+31108082712

DNS records live

NS

dns1.p07.nsone.net
dns2.p07.nsone.net
dns3.p07.nsone.net
dns4.p07.nsone.net

MX

1 smtp.google.com

Verified for

Google

Email authentication weak

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

E8

from 2026-04-11 to 2026-07-10

Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.theoneemtover.nl/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; frame-ancestors 'none'; object-src 'none'; form-action 'self'; upgrade-insecure-requests; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; script-src 'self' 'unsafe-inline' blob: https://www.googletagmanager.com https://*.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.doubleclick.net https://www.gstatic.com https://*.google.com https://*.google.nl https://*.matomo.cloud https://*.matomo.org https://connect.facebook.net https://www.clarity.ms https://scripts.clarity.ms https://assets.cookieconfirm.com https://platform.cookieconfirm.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://adservice.google.com https://adservice.google.nl https://sst.theoneemtover.nl https://taggrs.io https://*.taggrs.io https://snap.licdn.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.cookieconfirm.com https://platform.cookieconfirm.com; font-sr
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy-report-only: default-src 'self'; base-uri 'self'; frame-ancestors 'none'; object-src 'none'; form-action 'self'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; script-src 'self' 'unsafe-inline' blob: https://www.googletagmanager.com https://*.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.doubleclick.net https://www.gstatic.com https://*.google.com https://*.google.nl https://*.matomo.cloud https://*.matomo.org https://connect.facebook.net https://www.clarity.ms https://scripts.clarity.ms https://assets.cookieconfirm.com https://platform.cookieconfirm.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://adservice.google.com https://adservice.google.nl https://sst.theoneemtover.nl https://taggrs.io https://*.taggrs.io https://snap.licdn.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.cookieconfirm.com https://platform.cookieconfirm.com; font-src 'self' data: https://font

Links to (1)

calendly.com×1

Linked from (1)

futureflowai.nl×1