indexo.dev

tradeworld.eu

.eu crawl

First seen 2026-05-22 · Last seen 2026-06-03 · ok HTTP/1.1 200 2256 ms crawled 2026-05-28

BE · 104.155.35.189 · AS396982 Google LLC

Reputation 100/100

Classifying

HTML metadata

Title
Everything Central in One Stock System | TradeWorld - Tradeworld
Description
Manage your entire stock, ads and visibility from one central stock system by TradeWorld. Everything centrally organised, quickly adaptable and ready for sale at home and abroad.
Language
en-US
Canonical
https://tradeworld.eu
Translations
  • fr ×3
  • nl ×3
  • cs ×2
  • da ×2
  • de ×2
  • en ×2
  • es ×2
  • fi ×2
  • it ×2
  • pl ×2
  • pt ×2
  • ru ×2
  • sv ×2

Open Graph

url
https://tradeworld.eu/
title
Everything Central in One Stock System | TradeWorld
locale
en_US
site name
global.site_url
description
Manage your entire stock, ads and visibility from one central stock system by TradeWorld. Everything centrally organised, quickly adaptable and ready for sale at home and abroad.
locale:alternate
sv_SE

Technology

Server
nginx
CMS
Nuxt
JS framework
Nuxt
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • tradeworld.b-cdn.net×10
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns0.leaseweb.com
  • ns1.leaseweb.com

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-08 to 2026-07-07
Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://tradeworld.eu/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak content type protection
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
x-content-type-options
nosniff, nosniff
content-security-policy
base-uri 'none'; font-src * data: blob:; form-action 'self'; frame-ancestors *; img-src * data: blob:; object-src 'none'; script-src-attr * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; frame-src * data: blob:; child-src * data: blob:; connect-src * data: blob:; media-src * data: blob:;
strict-transport-security
max-age=15552000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Links to (5)

Linked from (7)