indexo.dev

xxldirect.nl

.nl crawl

First seen 2026-05-16 · Last seen 2026-05-31 · ok HTTP/1.1 200 1708 ms crawled 2026-05-20

DE · 162.55.4.19 · AS24940 Hetzner Online GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Kunststof platen, wandpanelen & overkappingen | XXL Direct
Description
Dé online shop voor kunststof platen, wandpanelen, EPDM, daktrimmen en overkappingen. Bestel nu tegen de laagste prijs en met snelle levering uit voorraad!
Language
nl
Canonical
https://www.xxldirect.nl
Translations
  • de
  • nl

Open Graph

url
https://www.xxldirect.nl
title
Kunststof platen, wandpanelen & overkappingen | XXL Direct
site name
XXL Direct
description
Dé online shop voor kunststof platen, wandpanelen, EPDM, daktrimmen en overkappingen. Bestel nu tegen de laagste prijs en met snelle levering uit voorraad!

Technology

Server
nginx
CMS
Gatsby
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • fonts.googleapis.com×6
  • www.googletagmanager.com×1
  • www.xxldirect.de×1
  • xxldirect.belris.nl×1

Social

Contact

Phone
Address
PvMG Oranje 9, 6666 LV, Heteren, Gelderland

Registration

Registrar
Easyhosting B.V.
Created
2018-03-13
Updated
2019-01-24
Name servers
  • ns1.dnstools.nl
  • ns2.dnstools.nl

DNS records live

NS
  • ns1.dnstools.nl
  • ns2.dnstools.nl
MX
  • 10 xxldirect-nl.mail.protection.outlook.com
Verified for
  • Google
  • Meta
  • Microsoft 365

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com ip4:159.69.163.212 ip4:217.67.239.208 ip4:157.90.131.175 ip6:2a01:4f8:252:4511::2 ip4:162.55.4.19 ip6:2a01:4f8:252:555::2 ~all
softfail (~all)
DMARC
not published
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtzX6gn1mXJ9+PmMVpsD0CLl6EBfbaAaKB1C3J4J1oHoK9Hnlifz31sbj6sCFHtIAkTGFhgR5I71zqdP0Wnt…
selectors probed

Certificate (current)

E7
from 2026-05-03 to 2026-08-01
Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.xxldirect.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • weak content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff, nosniff
content-security-policy
font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com https://applepay.cdn-apple.com *.googleapis.com *.fonts.googleapis.com data: *.cloudflare.com https://widgets.trustedshops.com sst.xxldirect.nl data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com bid.g.doubleclick.net *.youtube-nocookie.com www.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com https://www.paypal.com https://www.sandbox.paypal.com https://pay.google.com https://applepa
strict-transport-security
max-age=31536000, max-age=31536000

Links to (5)

Linked from (10)