aorta-lsp.nl — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Home | AORTA-LSP
Description: Het Landelijk Schakelpunt (LSP) is een landelijke infrastructuur voor de gezondheidszorg, waarmee zorgaanbieders medische gegevens van hun patiënten uitwisselen. Het LSP is gebouwd volgens het AORTA-afsprakenstelsel.
Language: nl
Canonical: https://www.aorta-lsp.nl/

Technology

Server: Apache
CMS: Drupal

Fonts

Google Fonts

Third-party hosts loaded (2)

unpkg.com×2
fonts.googleapis.com×1

Social

Contact

Phone

Registration

Registrar

KPN B.V.

Created

2020-08-21

Updated

2025-03-18

Name servers

ns11.kpn.net
ns1.kpn.net

DNS records live

NS

ns1.kpn.net
ns11.kpn.net

Email authentication no MX

SPF

v=spf1 -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:rua.aorta-lsp.nl@sendervalley.net; ruf=mailto:ruf.aorta-lsp.nl@sendervalley.net;

policy: reject (enforced)

DKIM

Show 12 DKIM selectors

default: v=DKIM1; p=
google: v=DKIM1; p=
selector1: v=DKIM1; p=
selector2: v=DKIM1; p=
k1: v=DKIM1; p=
k2: v=DKIM1; p=
mail: v=DKIM1; p=
dkim: v=DKIM1; p=
s1: v=DKIM1; p=
s2: v=DKIM1; p=
mxvault: v=DKIM1; p=
smtpapi: v=DKIM1; p=

selectors probed

Certificate (current)

Sectigo RSA Domain Validation Secure Server CA

from 2025-05-23 to 2026-06-13

Expires in 12 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.aorta-lsp.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), bluetooth=(), browsing-topics=(), camera=(), ch-ua=(), ch-ua-arch=(), ch-ua-bitness=(), ch-ua-full-version=(), ch-ua-full-version-list=(), ch-ua-mobile=(), ch-ua-model=(), ch-ua-platform=(), ch-ua-platform-version=(), ch-ua-wow64=(), clipboard-read=(), clipboard-write=(), conversion-measurement=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), focus-without-user-activation=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), identity-credentials-get=(), idle-detection=(), join-ad-interest-group=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), run-ad-auction=(), screen-wake-lock=(), serial=(), shared-autofill=(), speaker-selection=(), sync-script=(), sync-xhr=(), trust-token-redemp
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://*.youtube.com https://unpkg.com https://vjs.zencdn.net https://*.matomo.cloud https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.youtube.com https://unpkg.com https://vjs.zencdn.net https://cdnjs.cloudflare.com; img-src 'self' data: https://*.youtube.com https://*.youtube-nocookie.com; media-src 'self' https://*.youtube.com https://*.vimeo.com; form-action 'self' https://login.microsoftonline.com/*; frame-src 'self' https://*.youtube.com https://*.vimeo.com https://vzvz.dicciswarehouse.nl https://*.youtube-nocookie.com; frame-ancestors 'none'; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://*.matomo.cloud; base-uri 'self'; report-uri /report-csp-violation
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (2)

vzvz.nl×1
volgjezorg.nl×1