indexo.dev

zvu.nl

.nl crawl

First seen 2026-05-28 · Last seen 2026-05-30 · ok HTTP/1.1 200 1139 ms crawled 2026-05-30

NL · 89.31.99.126 · AS35470 Signet B.V.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Home - Zeeuwse Verwarmings Unie
Language
nl
Generator
Gerente CMS 3 By TiDi Graphics, see http://www.tidi.nl

Open Graph

url
http://www.zvu.nl/
title
Home
locale
nl_NL
site name
Zeeuwse Verwarmings Unie

Technology

Server
Apache
jQuery
1.11.1 known XSS (<3.5)
Stack
PHP
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.googleapis.com×3
  • cdnjs.cloudflare.com×2
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns1.eurodns.com
  • ns2.eurodns.com
  • ns3.eurodns.com
  • ns4.eurodns.com
MX
  • 10 mail.zvu.nl
  • 20 mail2.zvu.nl
  • 30 bsmtp.tidi.nl
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 a mx include:_senderspf.tidi.nl ~all
softfail (~all)
DMARC
v=DMARC1;p=none;pct=100;rua=mailto:administratorrua@zvu.nl;ruf=mailto:administratorruf@zvu.nl;fo=0:1:d:s;adkim=r
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-16 to 2026-07-15
Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.zvu.nl/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'

Links to (4)

Linked from (1)