indexo.dev

baxi.co.uk

.uk crawl

First seen 2026-05-20 · Last seen 2026-05-31 · ok HTTP/1.1 200 1561 ms crawled 2026-05-27

US · 76.76.21.142 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Baxi Heating and Hot Water Solutions - Boilers, ASHPs, Cylinders
Description
View our full range of Boilers, Air Source Heat pumps (ASHPs), Cylinders, and accessories. Find out more about our products and renewable heating solutions.
Language
en
Canonical
https://www.baxi.co.uk/_variantId_db6b9b810c084c67bff2192a50a258ae_9b8e5f5dc8cc4ec7b0fa92bd52bd455c

Open Graph

title
Baxi Heating and Hot Water Solutions - Boilers, ASHPs, Cylinders
description
View our full range of Boilers, Air Source Heat pumps (ASHPs), Cylinders, and accessories. Find out more about our products and renewable heating solutions.

Technology

CDN
Vercel
CMS
Next.js
JS framework
Next.js
Analytics
  • Google Tag Manager
Cookie consent
  • OneTrust

Third-party hosts loaded (3)

  • edge.sitecorecloud.io×22
  • cdn.cookielaw.org×1
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • dns1.safenames.com
  • dns2.safenames.net
  • dns3.safenames.org
MX
  • 10 mxa-001e2d01.gslb.pphosted.com
  • 10 mxb-001e2d01.gslb.pphosted.com
TXT
Show 7 TXT records
  • _3g4uyy9mjf83d228raslavytmoiem5u
  • rovag_verification_token=94F05CA6155F4CE982C3304C9CBE186E
  • box-domain-verification=f9ba229e62e2d2c9d72472992af9c4eb33717f2f6159824b31a6f35f3d7c338a
  • _sxybkxb2pohxjxs33emiws9j4n28bmq
  • _gpms2h07c4ww5pdux99jff5kaqt4fy8
  • _85p95wozkbs1ogbw4g2ao8hej0gkufc
  • sc-bdr-prd-cd.azurewebsites.net
Verified for
  • 1Password
  • Google
  • Meta
  • Microsoft 365
  • Miro

Email authentication strong

SPF
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-05-16 to 2026-08-14
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.baxi.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://cdn.cookielaw.org https://privacyportalde-cdn.onetrust.com https://*.youtube.com https://api-engage-eu.sitecorecloud.io https://edge.sitecorecloud.io https://ka-p.fontawesome.com https://kit.fontawesome.com https://xmc-bdrthermea1-platform-production.sitecorecloud.io/ https://xmf.remeha.co.uk https://*.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.g.doubleclick.net https://*.google.com https://maps.googleapis.com/ https://apim-weu-pr-sc.azure-api.net https://www.baxi.co.uk bdr-prd-platform-baxiuk-8elrlmvk4-bdr-thermea-group.vercel.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' bdr-prd-platform-baxiuk-8elrlmvk4-bdr-thermea-group.vercel.app https://cdn.cookielaw.org https://privacyportalde-cdn.onetrust.com https://api-engage-eu.sitecorecloud.io https://*.googletagmanager.com https://*.google-analytics.com https://kit.fontawesome.com https://*.youtube.com https://vitals.vercel-insights.com https://*.googleapis
strict-transport-security
max-age=63072000; includeSubDomains; preload;

Links to (7)

Linked from (2)