xlblinds.nl

HTML metadata

Title

Raamdecoratie op Maat kopen? Fabrieksprijzen | XLBlinds

Description

Luxe raamdecoratie op maat direct van de fabrikant. ✓ Snelle levering ✓ Gratis kleurstalen ✓ Tot 350cm breed. Bespaar en bereken direct je prijs online!

Language

nl-NL

Canonical

https://xlblinds.nl/

Feeds

XLBlinds Feed RSS

Open Graph

url: https://xlblinds.nl/
title: Raamdecoratie op Maat kopen? Fabrieksprijzen | XLBlinds
video: https://xlblinds.nl/wp-content/uploads/2026/04/xlblinds_fpv_raamdecoratie_1.mp4
locale: nl_NL
site name: XLBlinds
description: Luxe raamdecoratie op maat direct van de fabrikant. ✓ Snelle levering ✓ Gratis kleurstalen ✓ Tot 350cm breed. Bespaar en bereken direct je prijs online!
updated time: 2026-05-08T01:07:00+01:00

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Analytics
Google Tag Manager

Ads

Google AdSense

Third-party hosts loaded (4)

pagead2.googlesyndication.com×1
www.google-analytics.com×1
www.googletagmanager.com×1
www.youtube.com×1

Social

Contact

Email

Phone

004504024

Registration

Registrar

Hosting Secure

Created

2022-09-04

Updated

2025-12-04

Name servers

ns-1785.awsdns-31.co.uk
ns-1517.awsdns-61.org
ns-480.awsdns-60.com
ns-851.awsdns-42.net

DNS records live

NS

ns-1517.awsdns-61.org
ns-1785.awsdns-31.co.uk
ns-480.awsdns-60.com
ns-851.awsdns-42.net

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Verified for

Google

Email authentication partial

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1;p=none;

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQDX4R06k/gZszr9fe0mW984oiXE4rVs2lnRwokt1fm5jvU6AtaNv+dxRil/6k/1BOJZ3/NW+qAUZ3…

selectors probed

Certificate (current)

WE1

from 2026-04-29 to 2026-07-28

Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://xlblinds.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(self), picture-in-picture=(), publickey-credentials-get=(self), usb=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; connect-src 'self' https: wss:; frame-src 'self' https:; media-src 'self' data: blob: https:; worker-src 'self' blob:; upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains