indexo.dev

vandebron.nl

.nl crawl

First seen 2026-05-16 · Last seen 2026-05-30 · ok HTTP/1.1 200 3927 ms crawled 2026-05-21

US · 172.66.173.26 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Duurzame energie van Nederlandse bodem - Vandebron
Description
Vandebron: duurzame energie van Nederlandse bodem. Transparant, eerlijk en 100% lokaal opgewekt. Kies je eigen leverancier van bio-, wind- of zonne-energie. Wij regelen de overstap! 97% van onze klanten beveelt ons aan. We scoren een 9,6 op duurzaamheid (Greenpeace). Logisch toch?
Language
nl

Open Graph

title
Duurzame energie van Nederlandse bodem - Vandebron
locale
nl_NL
site name
Vandebron
description
Vandebron: duurzame energie van Nederlandse bodem. Transparant, eerlijk en 100% lokaal opgewekt. Kies je eigen leverancier van bio-, wind- of zonne-energie. Wij regelen de overstap! 97% van onze klanten beveelt ons aan. We scoren een 9,6 op duurzaamheid (Greenpeace). Logisch toch?

Technology

CDN
Cloudflare
CMS
Gatsby

Third-party hosts loaded (2)

  • b3ab56cb8f154c1193b1482a7b864e7d.js.ubembed.com×1
  • dev.visualwebsiteoptimizer.com×1

Social

Contact

Phone

DNS records live

NS
  • graham.ns.cloudflare.com
  • nia.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 15 TXT records
  • GzshFdBH+7+9qvug9JbuluN0CT+qWmJ8SwoFH6vOSf0=
  • yokoy-domain-verification=962933eb3384e1d852caae0d76b609f7c37f46c657100413d2a100a4ea23fab5
  • DirectFedAuthUrl=https://accounts.google.com/o/saml2/idp?idpid=C00u8457v.
  • AtM441dB+8kitzDtGo+wahEh+NCcY8aXuwyoytycRBo=
  • 7FhbZB5Y8NH1VuK1BZWVVRX6tXq/u1p5LjsXwer4xA8=
  • ePJfwEKCFJE/ioXNFkdHRqS93+PoO7tAi2/L9J48Dx8=
  • DirectFedAuthUrl=https://vandebron.nl
  • RBbEHR67/AU7joSM7bJk4axEiW6mZAnCebIN2bnn6UA=
  • X/oWcFDhp9ZvYyYA+IjEd2vfHHLF8u2mjJKLIHYTL4Q=
  • JghJmB9EIf7wZcD0DEzaHjagZmzTHjwI36DD/M31inc=
  • IlNMtBuYOsFp310cOT0hQVC6DEjH+qzniTdntmQOZ7I=
  • vE95hEoS+JurU9M0pMflccZam1L4xynw3ll8O1LOJmY=
  • cloudflare_dashboard_sso=2eb17641d86484afc9c6bc7f48405a1d
  • Q6kYkZJGsC1tcZ5CT3w3NAqZIwUU3/ZLAW8A08KbbmU=
  • cef50c8437234ad518ee3eca647324469c5d05f4f301d77fa2
Verified for
  • Anthropic
  • Apple
  • Atlassian
  • GlobalSign
  • Google
  • Meta
  • Microsoft 365
  • Miro
  • MongoDB
  • OpenAI
  • Postman

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:_spf.salesforce.com ip4:23.97.220.134 ip4:167.89.84.20 include:spf.mandrillapp.com include:servers.mcsv.net ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dd285f95fedd065@rep.dmarcanalyzer.com; ruf=mailto:dd285f95fedd065@for.dmarcanalyzer.com; pct=100; fo=1;
policy: quarantine
DKIM
Show 5 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3K6lqcoE8Z1jUMHKfkVtm7bJJktwa2oZ+FoMpH0Ta1U3RNAVkMBk97lD05VINTf/LgSN8D6ktJ2gwYiC+91…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpYo57d+di3EhfbfSpkEIVSNQR4wP1Pgnf4rskipYvB14mD82JrERU4ow/0Ozd/Uv50Lys1oJFeWVDk2Lc…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1q2iJHRfaBJQCEHcF39OqwWYPYTfKRZP9MSPO7bJOhykeaXVaJfZOKfbyd0RalkXMUYRpk5RGhBKUpgFIM4OwjV…
  • smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed

Certificate (current)

GlobalSign ECC EV SSL CA 2018
from 2025-12-15 to 2027-01-16
Expires in 230 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://vandebron.nl/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src https: *.visualwebsiteoptimizer.com app.vwo.com; worker-src 'self' blob:; script-src https: 'unsafe-inline' 'unsafe-eval' *.visualwebsiteoptimizer.com app.vwo.com; style-src https: blob: 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com; img-src https: data: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src https: data:; connect-src https: wss://*.hotjar.com *.visualwebsiteoptimizer.com app.vwo.com; frame-ancestors 'self' *.vandebron.nl *.vdbinfra.nl *.salesforce.com *.force.com;

Links to (9)

Linked from (5)