Skip to content
Start free scan
Public reportCertified until 8 July 2027

domeinflits.nl

Visit domeinflits.nl ↗

Speed
98
Security
63
Mobile
100
Accessibility
97
Average score
90/ 100
Better than 54% of the 13 scanned sites
✓ WebYes certified

Certified on 8 July 2026 · 8 pages checked · 7 improvements found

Full audit

Part of the WebYes certification: beyond the four pillars we also audit SEO, structured data, content, links, privacy and AI findability. These extra categories do not count towards the certification score.

Spam signals
89
Legal
93
Technical
98
On-page SEO
99
Links
99
Structured data
99
Content
99
AI findability (GEO)
99
Quality impression
99
Privacy
99
URL structure
100
Social
100

Findings (20)

  • ErrorAccessibility

    3 <input> element(s) have no associated label, aria-label, or aria-labelledby.

    Associate a <label for="inputId"> or add aria-label="..." to every visible form input.

    How to fix it

    Link every form field to a label via for/id, or use aria-label. A placeholder alone is not enough: it disappears as soon as someone types.

    Read more in the knowledge base: WCAG guidelines →

  • ErrorSecurity

    Cookie `Next-Locale` is set on an HTTPS page without the Secure flag.

    Add `Secure` to the Set-Cookie header so the cookie is only ever sent over HTTPS. Pair with `HttpOnly` and `SameSite=Lax` (or `Strict`).

    How to fix it

    Set the Secure flag on all your cookies so they are only sent over HTTPS. In most frameworks this is a single setting in the cookie or session configuration.

    Read more in the knowledge base: SSL certificate →

  • WarningSpeed

    HTML document is 569 KB (budget: 488.28125 KB).

    Large HTML payloads delay First Contentful Paint on slow connections. Server-render only above-the-fold content and lazy-load the rest, or paginate long listing pages. In Next.js, use streaming with `loading.tsx` to flush the shell early.

    How to fix it

    Your HTML document is considerably larger than needed. The usual culprits are inline CSS or JSON data in the page; move those to separate files or load them only when needed.

    Read more in the knowledge base: Testing website speed →

  • WarningSecurity

    No Content-Security-Policy header — XSS / clickjacking surface is wide open.

    Start with a strict-dynamic CSP using nonces: `Content-Security-Policy: script-src 'nonce-<...>' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'`. Roll out in `Content-Security-Policy-Report-Only` first to catch violations.

    How to fix it

    Add a Content-Security-Policy header that defines which sources may load scripts and styles. Start with a report-only policy if needed and tighten it from there.

    Read more in the knowledge base: Security headers →

  • WarningOn-page SEO

    Title is too long (77 chars, max 60); will be truncated in SERPs.

    Trim to ~60 characters and keep the most important keywords on the left.

  • WarningAI findability (GEO)

    robots.txt blocks 5 AI crawlers: GPTBot, ClaudeBot, Google-Extended, CCBot, Applebot-Extended.

    If you want ChatGPT / Claude / Perplexity citations, allow those bots: add `User-agent: GPTBot\nAllow: /` etc. to robots.txt. Note that Google's AI Overviews / AI Mode are unaffected — they use Googlebot and snippet eligibility, not these bots. Google-Extended is different: it only controls Gemini model training/grounding — blocking it does NOT remove you from AI Overviews (those are Search features served via Googlebot), so keeping that block is a legitimate policy choice. (If a block is intentional, suppress this rule.)

  • WarningSpam signals

    Term "token" appears unusually often (123×, 13% of words).

    Rewrite for natural language — repeated exact-match phrases can trigger spam classifiers.

  • InfoSpeed

    Likely LCP image is missing `fetchpriority="high"`.

    Add `fetchpriority="high"` to the hero image (/_next/image?url=%2Fimages%2Fkennisbank%2Fwat-is-een-vervallen-domein.webp&w=1920&q=75) so the browser fetches it ahead of low-priority resources. Saves 100-300ms LCP on typical pages.

    How to fix it

    Prioritise your largest above-the-fold image with fetchpriority="high" or a preload link. The download then starts immediately instead of after the rest of the page.

    Read more in the knowledge base: Core Web Vitals →

  • InfoSecurity

    No `/.well-known/security.txt` published.

    Publish a `security.txt` (RFC 9116) at `/.well-known/security.txt`. Even a one-line `Contact: mailto:[email protected]` plus an `Expires:` date is enough; it gives white-hat researchers somewhere to send reports instead of giving up.

    How to fix it

    Publish a security.txt at /.well-known/security.txt with a contact address for security reports. Researchers then know where to report a vulnerability.

    Read more in the knowledge base: Security headers →

  • InfoSecurity

    Missing `Cross-Origin-Embedder-Policy`. Cross-origin isolation lets you use SharedArrayBuffer and high-resolution timers safely.

    Send `Cross-Origin-Opener-Policy: same-origin` and `Cross-Origin-Embedder-Policy: require-corp`. Note this requires every embedded resource to send `Cross-Origin-Resource-Policy`.

    How to fix it

    Add Cross-Origin-Opener-Policy: same-origin (and where possible Cross-Origin-Embedder-Policy). This isolates your site from windows opened by other origins.

    Read more in the knowledge base: Security headers →

  • InfoOn-page SEO

    Meta description is slightly over the recommended length (165 chars, max 160).

  • InfoOn-page SEO

    Page declares noindex; it will not be indexed.

    Remove noindex if this page should appear in search results.

  • InfoLinks

    Page is only linked from chrome (7 inbound links, none from main content).

    Add contextual links from related parent or sibling pages — header/footer links pass weak relevance signals to Google.

  • InfoStructured data

    Page has no JSON-LD structured data in the initial HTML.

    Server-render JSON-LD in the HTML response. If this is currently injected after hydration (for example with next/script afterInteractive), static crawlers and AI bots may not see it.

  • InfoContent

    Text-to-HTML ratio is 0.5% (target ≥ 2%).

    Very low ratios usually mean the hydration payload, inline RSC blob or a vendor script is bigger than the rendered prose. Inspect the largest scripts and externalise or split them.

  • InfoTechnical

    Crawl stopped at the max-pages limit (6); 1034 sitemap URLs were not visited but might still be reachable.

    Re-run with `--max-pages 2000` (or higher) before trusting orphan-from-sitemap counts.

  • InfoTechnical

    No HTML sitemap link found on the homepage. Placing one in the footer is an industry best practice for UX and crawler/AI discovery.

    Add a link to a user-facing HTML sitemap (e.g. `/sitemap`, not `sitemap.xml`) inside the <footer>. An HTML sitemap acts as a structural overview for lost visitors and as a fallback discovery surface for search engines and AI crawlers.

  • InfoLegal

    Site sets cookies on 8 page(s) but no cookie consent mechanism was detected.

    Implement a CMP (Cookiebot, OneTrust, Usercentrics, Complianz) or build a consent banner. GDPR and ePrivacy require prior consent for non-essential cookies in the EU.

  • InfoQuality impression

    Homepage has no `<link rel="icon">` — browsers will request /favicon.ico which may 404.

    Add a custom favicon that reflects your brand. A missing favicon causes extra 404 log noise and looks unprofessional in browser tabs and bookmarks.

  • InfoPrivacy

    1 phone-shaped string(s) appear in main content. Examples: 866341225.

    If the phone numbers are intentional public contact info, ignore this finding. If they're personal numbers (employees, customer testimonials), redact or replace with a routing alias.

Full audit performed on 8 July 2026.

More from the register

Other websites holding an active WebYes certification. Every report is public and audited on the same four pillars.

solarfast.nl✓ Certified

Score 94 / 100 · view the report →

webyes.nl✓ Certified

Score 94 / 100 · view the report →

duurzaamgefinancierd.nl✓ Certified

Score 96 / 100 · view the report →

e-bids.nl✓ Certified

Score 96 / 100 · view the report →

Scan your own websiteView the certification register →Share your score:LinkedInX
webyes

Het onafhankelijke keurmerk voor Nederlandse websites. Kalm, transparant, jaarlijks herkeurd.

Start gratis scan

Keurmerk

  • Start gratis scan
  • Hoe het werkt
  • Keurmerkregister
  • Prijzen
  • Veelgestelde vragen

Kennis

  • Kennisbank
  • Blog
  • Jaarrapport

Bedrijf

  • Over ons
  • Contact
  • Mijn account

Juridisch

  • Privacybeleid
  • Algemene voorwaarden
  • Cookies
© 2026 WebYesGebouwd in Nederland.

Jaarrapport in de maak. In de maak: het jaarrapport over de staat van het Nederlandse web. Lees meer →

webyes
WerkwijzePrijzenRegisterKennisbankOver ons
InloggenStart gratis scan