indexo.dev

geldfit.nl

.nl crawl

First seen 2026-05-16 · Last seen 2026-05-31 · ok HTTP/1.1 200 1570 ms crawled 2026-05-20

US · 172.66.162.183 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Dé plek voor al je vragen en zorgen over geld
Description
Geldfit is dé plek voor al je vragen en zorgen over geld. Doe een check, vind handige informatie of ontdek hoe je allerlei geldzaken goed regelt.
Language
nl
Canonical
https://geldfit.nl/

Open Graph

url
https://geldfit.nl/
title
Dé plek voor al je vragen en zorgen over geld
description
Geldfit is dé plek voor al je vragen en zorgen over geld. Doe een check, vind handige informatie of ontdek hoe je allerlei geldzaken goed regelt.

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Cloudflare Insights
  • Google Tag Manager

Third-party hosts loaded (3)

  • static.cloudflareinsights.com×1
  • translate.google.com×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • carl.ns.cloudflare.com
  • lara.ns.cloudflare.com
MX
  • 0 geldfit-nl.mail.protection.outlook.com
TXT
  • 05dd42a577a105955eb22566869673ed91caa57d
Verified for
  • Atlassian
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 mx a ip4:185.226.136.241 include:spf.steam-connect.com include:_spf.zivver.com ip4:168.245.98.72 include:spf.protection.outlook.com include:_spf.freshsales.io include:spf.app.perfectview.nl ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:801b8fcfce8748b189629573060b5ea0@dmarc-reports.cloudflare.net,mailto:noreply@geldfit.nl; ruf=mailto:noreply@geldfit.nl;fo=1
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnymPynnWHhrQRpjmSOyUwwGkdMxcjhmQwTIu0KxrcmKN7JcN/6+N/4kibGzEscWlzP4Lu+jh8rMozx…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CzlSaW2ftvwUnPxnHo6S7JC3GtfsyV44Ce3amhiWiYV/0lu4YJi0p21a084oplO58pq3A+N/zPxXPFSJo…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqY3UrMB+e9AVHmVZCZ1FbqOmRAERMbLVltPdmgLVab/YL2kQvUD8HoSmMiQjiH3b/+BNJTDiCEy9rRT2yWwaWcA…
selectors probed

Certificate (current)

WE1
from 2026-05-12 to 2026-08-10
Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://geldfit.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
DENY
permissions-policy
fullscreen=(self "https://vimeo.com" "https://*.vimeo.com")
x-content-type-options
nosniff
content-security-policy
default-src 'self'; media-src 'self' https://*.readspeaker.com https://static.widget.trengo.eu; object-src 'none'; worker-src 'self' blob:; child-src 'self' blob:; manifest-src 'self'; base-uri 'self'; form-action 'self' https://*.readspeaker.com; frame-src 'self' https://*.vimeo.com https://*.readspeaker.com https://challenges.cloudflare.com https://consentcdn.cookiebot.com https://www.googletagmanager.com https://*.geldfit.nl; block-all-mixed-content; upgrade-insecure-requests; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://cdn.jsdelivr.net https://*.readspeaker.com https://*.hotjar.com; img-src 'self' data: https://*.geldfit.dev https://*.geldfit.nl https://*.cloudflare.com https://static.cloudflareinsights.com https://*.r2.dev https://*.vimeocdn.com https://*.google-analytics.com https://*.analytics.google.com https://*.gstati
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy
unsafe-none

Links to (6)

Linked from (3)