indexo.dev

welzin.nl

.nl crawl

First seen 2026-05-31 · Last seen 2026-06-01 · ok HTTP/1.1 200 964 ms crawled 2026-06-01

NL · 94.237.111.159 · AS202053 UpCloud Ltd

Reputation 100/100

Classifying

HTML metadata

Title
WELZIN - Werkt voor mensen | Home
Language
nl-NL

Technology

Server
nginx
jQuery
3.7.1
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot
Social widgets
  • YouTube Embed

Third-party hosts loaded (4)

  • consent.cookiebot.com×1
  • maxcdn.bootstrapcdn.com×1
  • www.googletagmanager.com×1
  • www.youtube-nocookie.com×1

Contact

Email
Phone

DNS records live

NS
  • chance.ns.cloudflare.com
  • heidi.ns.cloudflare.com
MX
  • 1 welzin-nl.mail.protection.outlook.com
TXT
  • v=NTA7516-1;startdate=2024-01;enddate=2027-01;provider=zorgmail;ntamx=10 relay.zorgmail.nl
  • EL2o21rhLGNISb5u20H9td/pqRUEFK4UQi2QAhdB4q1xtnRUf7CNBjeKct+9e+DpvNEK1FPY6DLUKnaU5YVuhw==
Verified for
  • Microsoft 365

Email authentication strong

SPF
v=spf1 a ip4:83.80.20.138 ip4:83.80.20.139 ip4:188.64.65.33 include:_spf.zorgmail.nl include:hosting.regicare.nl include:spf.afas.online include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc@welzin.nl
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+ASpsl5gpgqRA9WYIhbV5bUAGIcoU663v8oiD3GK7vXxdsUrwdnS4yYjq0NrxQpXszfcGX6lV3Fl9…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QKxGSq1t7WTkSP/TY/zZZ7sVCdb7JVFcrEcPwW0laTmMarlMGbkWzZWQ1Pi05yyCpahEbP4Ag16dm…
  • dkim: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzzIEmMviuXPsSts0R+fA3EKJftq7sQDyk2SyVdBTbn0OZunncfD10nLbE7Nmb6xRgpS1S19pzKrHCvdq0Dy…
selectors probed

Certificate (current)

R12
from 2026-05-25 to 2026-08-23
Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://welzin.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=self, autoplay=self, camera=(), gyroscope=self, magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; connect-src *.googleapis.com *.google-analytics.com www.google.com 'self'; default-src 'self'; font-src fonts.gstatic.com maxcdn.bootstrapcdn.com 'self' data:; form-action 'self'; frame-ancestors 'self'; frame-src www.youtube.com www.google.com *.youtube-nocookie.com *.cookiebot.com 'self'; img-src ssl.google-analytics.com www.google-analytics.com www.googletagmanager.com *.ytimg.com *.cookiebot.com 'self' data:; media-src 'self'; object-src 'none'; script-src *.googleapis.com *.google-analytics.com *.googletagmanager.com www.google.com www.gstatic.com *.cookiebot.com 'self' 'unsafe-inline'; style-src fonts.googleapis.com maxcdn.bootstrapcdn.com *.cookiebot.com 'self' 'unsafe-inline'; worker-src 'none';report-uri https://www.welzin.nl/csp/v1/report;report-to csp-endpoint;
strict-transport-security
max-age=31536000; includeSubDomains

Linked from (1)