equalit.nl — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Equalit
Description: Wij zijn Equalit! Een ICT-samenwerkingsverband van en voor lokale overheden.
Language: nl
Generator: TYPO3 CMS

Open Graph

title: Equalit
description: Wij zijn Equalit! Een ICT-samenwerkingsverband van en voor lokale overheden.

Technology

Server: nginx

Social

DNS records live

NS

ns1.qsp.nl
ns2.qsp.nl

MX

5 equalit-nl.mail.protection.outlook.com

TXT

Show 7 TXT records

OJYWJLdOPljYU9rNpqLYYhfGoSVQnvlI9WVPP59RhNg=
5ckQzCWDRIiuK0Scy8leyZkG3P6sEQQ7wlnxTFRseG0pmsOruFNOBxH5qOD83o2/I7BIEWCIJDttY0+ylu8RlQ==
MS=779A1C57D7D4FBFFF79385FDBBFE7834F9F860A5
citrix.mobile.ads.otp=gj36ne4rkvbu7r911gat
VDRHl8Mmh7c58xs9+UiwzbsPtvYXp1/mMn2ioDxHdOVRR5R7OPtLoFzoO2RdLmtWRFtYsIctSd+E9x/jfAJxyw==
DomainVerification=BDKHHMF1KF8L0XEVYU5VOI8E1OZO4C344WVCV2HWSZA5ONYHCYJINH53Q2TNKJS0
v=NTA7516-1;startdate=2026-02;enddate=2029-10;provider=Zivver

Verified for

Apple
Atlassian
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 a:equalit.nl include:_spf.equalit.nl -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; ruf=mailto:dmarc_forensic@equalit.nl

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RNUGXPXD4LUp+FZc83P038zR6F4v0V5+W56zgb5gEhzpyZ0EESQMuf75Oo53RC8EM2DfzajgGqU1A…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2025-10-07 to 2026-10-30

Expires in 151 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://equalit.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), camera=(), microphone=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'nonce-iWBliO0oX8RgRheB6hc_CUsBneR2kReLz4RWxsaMmsYzL7BoEeE5Fw' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com *.google.com; style-src-elem 'self' 'nonce-iWBliO0oX8RgRheB6hc_CUsBneR2kReLz4RWxsaMmsYzL7BoEeE5Fw' https://fonts.gstatic.com https://fonts.googleapis.com 'report-sample'; script-src-elem 'self' 'nonce-iWBliO0oX8RgRheB6hc_CUsBneR2kReLz4RWxsaMmsYzL7BoEeE5Fw' 'strict-dynamic' https: 'unsafe-eval' blob: https://s7.addthis.com https://www.google.com *.s7.addthis.com *.www.google.com 'report-sample'; connect-src 'self' *.google.com https://*.googleapis.com https://*.gstatic.com blob: data:; font-src 'self' https://fonts.gstatic.com; worker-src 'self' 'nonce-iWBliO0oX8RgRheB6hc_CUsBneR2kReLz4RWxsaMmsYzL7BoEeE5Fw' blob
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp

Links to (2)

twitter.com×1
linkedin.com×1