indexo.dev

tkmaxx.nl

.nl crawl

First seen 2026-05-20 · Last seen 2026-05-30 · ok HTTP/1.1 200 3321 ms crawled 2026-05-27

IE · 46.137.157.217 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector fashion type homepage

HTML metadata

Title
Topmerken, mode en homeware voor minder | TK Maxx NL
Description
Ontdek kleding, beauty, schoenen, accessoires en homeware van topmerken tot 60% goedkoper. Ervaar het schatzoeken bij TK Maxx. Vind jouw winkel!
Language
nl
Generator
Drupal 10 (https://www.drupal.org)
Canonical
https://www.tkmaxx.nl/

Open Graph

url
https://www.tkmaxx.nl/
email
tkmaxx@hetprbureau.nl
title
TK Maxx Nederland
site name
TK Maxx Nederland
description
TK Maxx Nederland is een toonaangevende off-price retailer die designermerken aanbiedt tegen geweldige prijzen.
phone number
+31-10-711-4866

Technology

Server
nginx
CMS
Drupal
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • www.googletagmanager.com×1
  • www.juicer.io×1

Social

Registration

Registrar
MarkMonitor Inc.
Created
2014-09-05
Updated
2026-04-20
Name servers
  • a1-117.akam.net
  • a18-67.akam.net
  • a22-64.akam.net
  • a5-65.akam.net
  • a7-66.akam.net
  • a14-66.akam.net

DNS records live

NS
  • a1-117.akam.net
  • a14-66.akam.net
  • a18-67.akam.net
  • a22-64.akam.net
  • a5-65.akam.net
  • a7-66.akam.net
MX
  • 10 mxa-00081a02.gslb.pphosted.com
  • 10 mxb-00081a02.gslb.pphosted.com
  • 20 mx0a-00081a02.pphosted.com
  • 20 mx0b-00081a02.pphosted.com
TXT
  • T0K0M31639
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 ip4:205.220.171.102 ip4:205.220.182.205 ip4:205.220.173.171 ip4:205.220.161.171 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com; fo=1;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R36
from 2025-08-04 to 2026-08-05
Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.tkmaxx.nl/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.gstatic.com *.juicer.io *.gigya.com *.flashtalking.com *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google-analytics.com *.gigya.com *.cookielaw.org *.juicer.io *.maxmind.com *.youtube.com *.onetrust.com *.ytimg.com *.facebook.net *.ckeditor.com *.cookielaw.org qa1-loyalty.stage.hogarth.homesense.ie *.google.com *.gstatic.com *.googletagmanager.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com *.js-agent.newrelic.com *.juicer.io *.newrelic.com; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google-analytics.com *.gigya.com *.cookielaw.org *.juicer.io *.onetrust.com *.ckeditor.com *.cookielaw.org cdn.jsdelivr.net cdnjs.cloudflare.com; img-src 'self' 'unsafe-eval' data: *.adnxs.com *.mookie1.com *.fbcdn.net *.imgur.com *.google-analytics.com *.doubleclick.net *.ipredictive.com *.gstatic.com *.googleapis.com *.gigya.com *.facebook.com *.ckeditor.com *.cookielaw.org *.js-agent.n

Links to (14)

Linked from (4)