indexo.dev

mijnstevensbloem.nl

.nl crawl

First seen 2026-05-27 · Last seen 2026-05-27 · ok HTTP/1.1 200 2717 ms crawled 2026-05-30

NL · 85.17.67.221 · AS60781 LeaseWeb Netherlands B.V.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Winkelcentrum Stevensbloem - Mijn Stevensbloem
Description
Compact en compleet winkelcentrum bij jou in de buurt.
Language
nl-NL
Generator
WordPress 7.0
Canonical
https://mijnstevensbloem.nl/
Feeds

Open Graph

url
https://mijnstevensbloem.nl/
title
Winkelcentrum Stevensbloem - Mijn Stevensbloem
locale
nl_NL
site name
Mijn Stevensbloem
description
Compact en compleet winkelcentrum bij jou in de buurt. Het is altijd gezellig! Evenementen Winkel Link Download onze bestellijst HIER Bestel onze Kerst IJstaarten
updated time
2026-05-27T13:59:46+00:00

Technology

Server
nginx
CMS
WordPress 7.0
PHP
8.4.21
jQuery
3.7.1
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×4

Social

Contact

Phone

DNS records live

NS
  • ns1.openprovider.nl
  • ns2.openprovider.be
  • ns3.openprovider.eu
MX
  • 1 mx1.compleet.email
  • 2 mx2.compleet.email

Email authentication weak

SPF
v=spf1 include:spf.compleet.email ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-14 to 2026-08-12
Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://mijnstevensbloem.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(), camera=(), microphone=(), payment=(), usb=(), accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://www.google-analytics.com https://region1.google-analytics.com; frame-src 'self' https://www.youtube-nocookie.com https://www.google.com; upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Links to (10)

Linked from (1)