gispen.com

HTML metadata

Title

Circulaire projectinrichter voor zorg, onderwijs en kantoor - Gispen

Description

Gispen is expert in duurzame projectinrichtingen. Wij zijn uw circulaire projectinrichter voor zorg-, onderwijs- en kantooromgevingen en denken graag met u mee

Language

en

Canonical

https://www.gispen.com/en/

Translations

en
nl

Open Graph

url: https://www.gispen.com:80/en/
title: Circulaire projectinrichter voor zorg, onderwijs en kantoor - Gispen
description: Gispen is expert in duurzame projectinrichtingen. Wij zijn uw circulaire projectinrichter voor zorg-, onderwijs- en kantooromgevingen en denken graag met u mee

Technology

CDN: Cloudflare
CMS: Gatsby
jQuery: 3.4.0 known XSS (<3.5)

Analytics

Google Analytics
Google Tag Manager
Hotjar

Cookie consent

Usercentrics

Third-party hosts loaded (9)

www.googletagmanager.com×2
az416426.vo.msecnd.net×1
d3mqm7qcmt24xk.cloudfront.net×1
script.hotjar.com×1
snap.licdn.com×1
static.hotjar.com×1
vars.hotjar.com×1
web.cmp.usercentrics.eu×1
www.google-analytics.com×1

Social

Registration

Registrar

Key-Systems GmbH

Created

1996-11-04

Expires

2026-11-03 154 days left

Updated

2025-11-28

Name servers

ns0.transip.net
ns1.transip.nl
ns2.transip.eu

DNS records live

NS

ns0.transip.net
ns1.transip.nl
ns2.transip.eu

MX

10 gispen-com.mail.protection.outlook.com
20 relay.transip.nl

TXT

knowbe4-site-verification=34830c270ccc0ca451f3c97ec67e32f6
bj1rfjrpv5hd949ae2gkp5gbrj

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:spf.gispenlive.hypernode.io include:mailplus.nl include:servers.mcsv.net include:amazonses.com ip4:5.39.185.40 -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:mailto:dmarc_agg@vali.email

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqH3QCukEaG+E4n9w+IS3mjwvgV82wksOyIWqgbPB7+MrdJK6K0LTbu2DPXIkfw8WH3c+u5s7Jvvhr…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+eF9E3rC5n0aHXUBlWmtTw2ptOzd3N0NjukypE32Lnt5FjvuHz0hoToJoI1iBpCh6zJDqlWnW/XxAl7lh9…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxDDZAiaBc9eHX4SaO7iA6n0wezxLvgSOI9K1ixlA4zHvCEGQD2tSNUPGvtIUaMlksYOSxMTlfoTbD16Pw6wLPr0…

selectors probed

Certificate (current)

WE1

from 2026-04-06 to 2026-07-05

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.gispen.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.ahrend.com:80 *.usercentrics.eu *.cookiebot.eu consent.cookiebot.eu *.intercom-sheets.com https://unpkg.com/ *.unpkg.com *.salesforce-sites.com *.calendly.com *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net *.leadinfo.net *.ldnfrpl.com https://img.sct.eu1.usercentrics.eu *.usercentrics.eu *.clarity.ms webhook.site; style-src 'self' 'unsafe-inline' https: data: *.typekit.net *.myfonts.net *.bootstrapcdn.com; img-src 'self' https: data: blob: *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank
strict-transport-security: max-age=2592000