indexo.dev

visitleiden.nl

.nl crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 1264 ms crawled 2026-05-30

IE · 79.125.126.131 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Leiden, Stad van Ontdekkingen | Visit Leiden
Description
Wat te doen in Leiden? Bezoek de hofjes, Rembrandt van Rijn, 13 musea, grachten, terrassen, shoppen, uitagenda en meer. Een groot openluchtmuseum. Wat te doen in Leiden. Tips voor Leiden.
Language
nl
Translations
  • de
  • en
  • nl

Open Graph

title
Leiden, Stad van Ontdekkingen
site name
Visit Leiden
description
Wat te doen in Leiden? Bezoek de hofjes, ontdek het verhaal van Rembrandt, 13 musea, grachten, terrassen, shoppen, UITagenda en meer. Een groot openluchtmuseum. Wat te doen in Leiden. Tips voor Leiden.

Technology

Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts

Third-party hosts loaded (3)

  • assets.plaece.nl×23
  • use.typekit.net×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns1.thednscompany.com
  • ns2.thednscompany.com
  • ns3.thednscompany.com

Email authentication no MX

SPF
v=spf1 include:_spf.spotler.email include:relay.insiders.nl -all
strict (-all)
DMARC
v=DMARC1; p=none; sp=none;
policy: none (monitoring only) · sp=none
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-11 to 2026-07-10
Expires in 40 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.visitleiden.nl/nl

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*, autoplay=*, accelerometer=(), camera=(), microphone=(), usb=(), gyroscope=(), magnetometer=()
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval' data: blob:; block-all-mixed-content; connect-src * blob:; font-src https:; frame-ancestors 'self' https://preview.plaece.nl; frame-src *; img-src https: data: blob:; media-src https: data: blob:; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; report-uri /nelmio/csp/report; worker-src https: blob:
strict-transport-security
max-age=315360000

Links to (9)

Linked from (1)