indexo.dev

loxam.nl

.nl crawl

First seen 2026-05-16 · Last seen 2026-06-04 · ok HTTP/1.1 200 1075 ms crawled 2026-06-04

NL · 20.31.112.23 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Homepage | Méér dan alleen materieelverhuur | LOXAM - Loxam
Description
Huur machines en materieel bij Loxam: flexibel, modern en direct inzetbaar. Voor elke klus, met deskundig advies en landelijke service.
Language
nl
Translations
  • fr ×3
  • de ×2
  • da
  • nl

Technology

Server
*
Stack
Java
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (14)
  • medias.loxam.com×56
  • fonts.googleapis.com×5
  • www.googletagmanager.com×4
  • www.loxam.be×2
  • www.loxam.ch×2
  • elfsightcdn.com×1
  • fonts.gstatic.com×1
  • loxam.api.useinsider.com×1
  • maps.googleapis.com×1
  • static.elfsight.com×1
  • unpkg.com×1
  • www.loxam.de×1
  • www.loxam.dk×1
  • www.loxam.fr×1

Social

Contact

Phone
Address
89 Avenue de la Grande Armée, 75219, PARIS Cedex 16, France

DNS records live

NS
  • ns1.safebrands.fr
  • ns2.safebrands.eu
  • ns3.safebrands.com
  • ns4.safebrands.org
  • ns5.safebrands.tech
MX
  • 10 mx1.loxgroup.com
  • 10 mx2.loxgroup.com
Verified for
  • Google

Email authentication strong

SPF
v=spf1 mx a ip4:109.26.223.93 include:spf.protection.outlook.com include:_spf.salesforce.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100; fo=1; rua=mailto:a.ejt970iu@sdmarc.net
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8fyb881xBeM0T2tl/gdoqpZNjwEnLBlfEY5/wTSC62xbIPs5LwsV8KdDuQZMjwWsdPoVUrI6COyWr…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA EV R36
from 2026-03-04 to 2027-03-05
Expires in 273 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.loxam.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-sbqMQ0xeweq3fHyf7HRsKFl9wQgap0dxlrOr9jElA0o=' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/api.js https://*.loxam.com https://loxam.com https://*.model-t.cc.commerce.ondemand.com https://fonts.googleapis.com https://maps.gstatic.com https://www.googletagmanager.com/gtm.js https://www.google.com/recaptcha/* https://maps.googleapis.com/maps/api/js https://www.gstatic.com/recaptcha/* https://*.useinsider.com https://*.matomo.cloud https://*.evgnet.com https://*.algolia.net https://*.algolianet.com https://widgets.custplace.com/ https://script.hotjar.com https://*.hotjar.com https://halc.iadvize.com https://*.iadvize.com https://stats.webleads-tracker.com https://get.smart-data-systems.com https://*.smart-data-systems.com https://eqy.link https://userlink.ai https://*.userlink.ai https://elfsightcdn.com https://*.elfsight.com ;script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' https:
strict-transport-security
max-age=31536000 ; includeSubDomains

Links to (7)

Linked from (5)