indexo.dev

vwc-buuv.nl

.nl crawl

First seen 2026-05-30 · Last seen 2026-05-31 · ok HTTP/1.1 200 783 ms crawled 2026-05-31

US · 104.21.72.27 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
VWC-BUUV
Description
Op zoek naar passend vrijwilligerswerk of juist hulp nodig? Op VWC-BUUV vind je elkaar gemakkelijk en veilig. Plaats ook je vraag en aanbod!
Language
nl

Open Graph

ttl
601976
url
https://www.vwc-buuv.nl/
title
Homepage
locale
nl_NL
site name
VWC-BUUV

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • cdn.onesignal.com×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • kellen.ns.cloudflare.com
  • nataly.ns.cloudflare.com
MX
  • 0 vwcbuuv-nl0i.mail.protection.outlook.com
TXT
  • mandrill_verify.tO2ZeT3QtKWJ0sl7iZNLOA
Verified for
  • Meta
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com a mx include:spf.mandrillapp.com include:_spf.gripp.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc@vwc-buuv.nl; ruf=mailto:dmarc@vwc-buuv.nl; sp=none; fo=0
policy: none (monitoring only) · sp=none
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQuw93a4+y6x1doGbWp6YFFFe1TBTpSfxZPu0MoP20HttQx8zYXFxYVyJk2cfnmKpkd3JhrKVOK7/v…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

WE1
from 2026-04-11 to 2026-07-10
Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.vwc-buuv.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), camera=(), document-domain=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=(), sync-xhr=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self' data: ; script-src 'self' 'report-sample' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net *.google-analytics.com ssl.google-analytics.com www.google.com www.googleadservices.com www.googleoptimize.com *.googletagmanager.com www.gstatic.com tagmanager.google.com maps.googleapis.com *.doubleclick.net connect.facebook.net *.landbot.io webchat.digitalcx.com *.hotjar.com cdnjs.cloudflare.com stackpath.bootstrapcdn.com cdn.jsdelivr.net code.jquery.com onesignal.com cdn.onesignal.com ads.creative-serving.com googleads.g.doubleclick.net *.monsido.com js-agent.newrelic.com bam.eu01.nr-data.net nonce-12edd2f6 ; style-src 'self' 'report-sample' blob: 'unsafe-inline' *.cloudfront.net fonts.googleapis.com cdn.jsdelivr.net onesignal.com cdn-images.mailchimp.com translate.googleapis.com *.landbot.io nonce-12edd2f6 ; img-src 'self' data: blob: ssl.gstatic.com www.gstatic.com *.google-analytics.com *.google.com *.google.nl *.google.de *.google.be *.g.doubleclick.net maps.gstatic.com *
strict-transport-security
max-age=63072000; includeSubDomains preload

Links to (11)

Linked from (1)