indexo.dev

vandervalkhotelutrecht.nl

.nl crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 906 ms crawled 2026-06-01

NL · 20.93.254.174 · AS8075 Microsoft Corporation

Reputation 67/100 wrong cert no dmarc policy

Classifying

HTML metadata

Title
Van der Valk Hotel Utrecht - Hotel Utrecht
Description
Van der Valk Hotel Utrecht ligt aan de rand van de bruisende stad Utrecht en direct aan de A12. Met o.a. zwembad, wellness en restaurant.
Language
nl
Canonical
https://www.vandervalkhotelutrecht.nl/
Translations
  • en
  • nl

Open Graph

url
https://www.vandervalkhotelutrecht.nl/
title
Van der Valk Hotel Utrecht - Hotel Utrecht
site name
Hotel Utrecht
description
Van der Valk Hotel Utrecht ligt aan de rand van de bruisende stad Utrecht en direct aan de A12. Met o.a. zwembad, wellness en restaurant.

Technology

Server
Apache
Analytics
  • Google Analytics
  • Google Tag Manager
Third-party hosts loaded (9)
  • mediabank.valkenhorst.nl×27
  • cdn.valkexclusief.com×6
  • cdn.bfldr.com×2
  • www.googletagmanager.com×2
  • www.vandervalkhotelutrecht.com×2
  • cdn.feedbackify.com×1
  • connect.facebook.com×1
  • maps.googleapis.com×1
  • www.google-analytics.com×1

Social

Contact

Email
Phone
Address
Winthontlaan 4-6, 3526KV, Utrecht, NL

DNS records live

NS
  • alex.ns.cloudflare.com
  • clara.ns.cloudflare.com
MX
  • 10 mail.vandervalkhotelutrecht.nl
Verified for
  • Google
  • Meta
  • Microsoft 365

Email authentication weak

SPF
v=spf1 a mx ip4:213.247.55.57 ip4:193.239.132.80 include:spf.protection.outlook.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current) wrong cert

Sectigo Public Server Authentication CA OV R36
from 2025-05-28 to 2026-06-23
Expires in 20 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.vandervalkhotelutrecht.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.clarity.ms c.bing.com mediabank.valkenhorst.nl; child-src 'self' js.stripe.com p.travelsmarter.net valkexclusief-virtueletours.nl www.googletagmanager.com www.google.com google.com www.youtube.com www.visitzuidlimburg.nl zien360.nl link.zien360.nl zien360.online *.facebook.com; connect-src 'self' wss: data: api.widget.trengo.eu gkkmgz0bw7.execute-api.eu-central-1.amazonaws.com wss://ws-eu.pusher.com adservice.google.com www.google.com *.g.doubleclick.net *.facebook.com *.facebook.net *.googleapis.com *.googleadservices.com *.hotjar.com *.hotjar.io *.sovendus.com *.adyen.com *.paypal.com *.klippa.com login.microsoftonline.com analytics.tiktok.com/api/ region1.google-analytics.com region1.analytics.google.com www.googletagmanager.com *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hojar.com *.google-analytics.com *.analytics.google.com pagead2.googlesyndication.com *.clarity.ms *.exponea.com api.exponea.com cdn.linkedin.oribi.io capture.duettoresearch.com
strict-transport-security
max-age=31536000

Links to (11)

Linked from (2)