hiscox.nl

HTML metadata

Title

Beroepsaansprakelijkheid & particuliere verzekeringen | Hiscox

Description

We verzekeren de zakelijke risico's van ondernemers, van beroepsaansprakelijkheid via cyberschade tot materiële en letselschade bij hun klanten.

Language

nl

Generator

Drupal 11 (https://www.drupal.org)

Canonical

https://www.hiscox.nl/

Translations

nl

Open Graph

locale: nl_NL

Technology

CDN: Cloudflare
CMS: Drupal

Analytics

Cloudflare Insights
Google Analytics
Google Tag Manager

Ads

Google Ads
Google Ads (DoubleClick)
Meta Pixel

Fonts

Google Fonts

Third-party hosts loaded (20)

www.googletagmanager.com×2
ajax.googleapis.com×1
api.feefo.com×1
connect.facebook.net×1
eu-central-1-decisionapi.lift.acquia.com×1
fonts.gstatic.com×1
googleads.g.doubleclick.net×1
hiscox.15gifts.com×1
hubspot-no-cache-eu1-prod.s3.amazonaws.com×1
i.ytimg.com×1
static.cloudflareinsights.com×1
static.doubleclick.net×1
stats.g.doubleclick.net×1
tags.tiqcdn.com×1
www.facebook.com×1
www.google-analytics.com×1
www.google.co.uk×1
www.google.com×1
www.googleadservices.com×1
yt3.ggpht.com×1

Social

DNS records live

NS

ns1.netnames.net
ns2.netnames.net
ns5.netnames.net
ns6.netnames.net

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

Show 6 TXT records

8s5bzkyxnt64bh3qy7yyk9f5f5cctl4k
_rgn61cbi1q1szz48gvoleedgoeetmf8
yjq2fgfmgs2vvyfq0cqm24gxfplvs416
EssJH/E6bmU9Am37g/gz+ZMJeTTSizJWXVYqhZFG5Hs=
amazonses:ReWT4ce1jWmQc95CGFBDVx64C6ATuqqN0kz8kWvudyY=
QZ/DsKyblSL5+3F5X4H0kYOnLrkwuP8FpHRjTEnUAKcxjUrVOFFPaVE/Aey6AOJUuG+l3AHC9XgMMe8c+o6htw==

Verified for

Dynamics 365
GlobalSign
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:eu._netblocks.mimecast.com include:amazonses.com include:25921320.spf02.hubspotemail.net include:sendgrid.net ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:0782b17d5857572@rep.dmarcanalyzer.com; ruf=mailto:0782b17d5857572@for.dmarcanalyzer.com; fo=1;

policy: reject (enforced)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HG1QXBpTzt8v/UMg11iZKyApDUukcDtr76Dg3D1fWgmbiMFE46MeipsU3b6/Hf6K0RvUY6/zLdyQb/yDW…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrh9QzW3MYoEvlSuAkyPX4DsdzT1PZWqqWA2EBefpIDnUakEL0/P1j6yWLeaPgkaOVl5kt40qzyPNvi2GpFSM2oA…

selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2026-03-24 to 2026-10-05

Expires in 123 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.hiscox.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: ALLOW-FROM https://adviseur.hiscox.nl
permissions-policy: accelerometer=(),ambient-light-sensor=(),attribution-reporting=(),autoplay=(),bluetooth=(),browsing-topics=(),camera=(),compute-pressure=(),cross-origin-isolated=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-create=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),speaker-selection=(),storage-access=(),usb=(),web-share=(),window-management=(),xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'none'; style-src * 'unsafe-inline'; img-src * 'self' data: https:; media-src *; frame-src *; frame-ancestors 'self' *.hiscox.nl; child-src *; font-src * data:; connect-src *; report-uri /report-csp-violation
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin