indexo.dev

limburgiavlaai.nl

.nl crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 1491 ms crawled 2026-06-01

NL · 185.108.118.148 · AS30870 Trans-iX B.V.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Patisserie Limburgia - Dé banketbakkerij van Nederland
Description
Groot aanbod heerlijke Vlaaien, Taarten & Gebak. Elke dag ambachtelijk vers bereid. Ruim 50 winkels in Nederland. Bezorgen mogelijk. Bestel nu online!
Language
nl
Canonical
https://www.limburgiavlaai.nl/
Translations
  • nl

Technology

Server
nginx
CMS
Gatsby
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • images.prismic.io×8
  • limburgiavlaai.imgix.net×4
  • chimpstatic.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.yourdomainprovider.net
  • ns2.yourdomainprovider.net
  • ns3.yourdomainprovider.net
  • ns4.yourdomainprovider.net
MX
  • 0 mail.limburgiavlaai.nl
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com ip4:185.108.118.148/32 ip4:185.108.118.137/32 -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthehCIrE24G+47omrohoaOn7mz2A90FguPIeK1zKa/ywQbORpx140UsURExgIJEfyowTAUTvLMDCIF…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

E8
from 2026-05-05 to 2026-08-03
Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.limburgiavlaai.nl/

present
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy-report-only
font-src *.gstatic.com 'self' data: fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com limburgia.prismic.io consentcdn.cookiebot.com js.mollie.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com *.prism.app-us1.com *.prismic.io www.facebook.com co

Links to (5)

Linked from (1)