indexo.dev

vandenbroeleconnect.be

.be crawl

First seen 2026-05-28 · Last seen 2026-05-31 · ok HTTP/1.1 200 1124 ms crawled 2026-05-31

BE · 93.94.107.243 · AS44806 Kinamo N.V.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
MyAccount - Aanmelden

Technology

jQuery
3.7.1
Fonts
  • Adobe Fonts

Third-party hosts loaded (3)

  • cdnjs.cloudflare.com×4
  • ajax.googleapis.com×1
  • use.typekit.net×1

Contact

Email

DNS records live

NS
  • ns1.vandenbroele.be
  • ns2.vandenbroele.be
MX
  • 0 vandenbroeleconnect-be.mail.protection.outlook.com
Verified for
  • GlobalSign
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.novado.be include:spf.mandrillapp.com -all
strict (-all)
DMARC
v=DMARC1; p=none; sp=none; fo=0; ri=3600; ruf=mailto:servicedesk@vandenbroele.be
policy: none (monitoring only) · sp=none
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrX0YNt2u5ZrhNUf1NQDklbLERyLjTAvI1ujyqTO20WvyescDlHqJF/9VzgSsIrXjsyMOglB79tXUZnqx2Cm…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4cM52NQS/TKk8V3dri0EtMJ2Z2+92ErVbpBSqBhhBduc6wZoXFoFfyg7CfYxHjuxE5Mpz+yynShZaF192a6…
selectors probed

Certificate (current)

GlobalSign RSA OV SSL CA 2018
from 2026-04-27 to 2026-11-12
Expires in 164 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://login-myaccount.vandenbroeleconnect.be/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dnextportal%26redirect_uri%3Dhttps%253A%252F%252Fvandenbroeleconnect.be%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DVo5l2OUVUAjtEC2iUKleg7WnmuMgHCltxXXVFBBxHyQ%26code_challenge_method%3DS256%26nonce%3D639157851523046449.MTVjYTM1N2UtNDBlMi00NjY4LWE5ZTgtOTJmODQ3MzZlYTRhZWVhNmEzNjItZTFmNS00ODQ2LTk3Y2EtMjJjZDczZDUxZDE5%26requestUri%3Dhttps%253A%252F%252Fvandenbroeleconnect.be%252F%26acr_values%3Dip%26state%3DCfDJ8EneIp9Wfd1DoXpSvHlxkIAknABL8Gmdq4a-xN1D1yp1EDEmkCqrQ-Eg_ld6YfmDBUSv5j5pRKxSqi_awrJCrG5zmWGlRXPNGGNQEwRPjJMEvovz0OEOgV3gs12IPbFq4jG5qeT5uxBmdbhuHGyrN4Q9HhrTaCvK0Sl1CpB_SbOFj1cunUt0nJkLIPI7CIk9zw17BuaMZfuIZgsTfBLnVZQPHu6P0VyoiMRw2MPD4-gozuPc_RWCVg4uL2m9_ikj72n4IGV_cZKrmAj6WTxngDRt9ySIl41_T6kraa58linQXZ2Eh5jzjL_64qGnUmUAnoczsV0Bjqu59bCIOLREdfrJEljk2FEW4aJA31N5YAMpwRCq0Dj6D6BN7MWJ_octzw%26x-client-SKU%3DID_NET8_0%26x-client-ver%3D8.6.0.0

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self';img-src 'self' *.vandenbroeleconnect.be;script-src 'self' 'unsafe-inline' *.google.com *.gstatic.com ajax.googleapis.com cdnjs.cloudflare.com;style-src 'self' 'unsafe-inline' *.typekit.net cdnjs.cloudflare.com;connect-src 'self' cdnjs.cloudflare.com;object-src 'none';font-src 'self' *.typekit.net;frame-ancestors *.vandenbroele.be *.vandenbroeleconnect.be;frame-src 'self' 'unsafe-inline' *.google.com;sandbox allow-forms allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-scripts;base-uri 'self';
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (9)