maassluis.nl

HTML metadata

Title: Home | Gemeente Maassluis
Description: Dit is de officiële website van de gemeente Maassluis. Hier vindt u alle informatie, nieuwsberichten en dienstverlening van gemeente Maassluis.
Language: nl
Generator: SIMsite powered by Drupal
Canonical: https://www.maassluis.nl/

Open Graph

url: https://www.maassluis.nl/
title: Home
locale: nl
site name: Gemeente Maassluis
description: Dit is de officiële website van de gemeente Maassluis. Hier vindt u alle informatie, nieuwsberichten en dienstverlening van gemeente Maassluis.
updated time: 2026-05-14T09:16:17+02:00

Technology

CMS: Drupal
JS framework: Next.js

Third-party hosts loaded (3)

cuatro.sim-cdn.nl×72
fonts.bunny.net×1
maassluis.logging.simanalytics.nl×1

Social

Contact

Phone

DNS records live

NS

ns0.transip.net
ns1.transip.nl
ns2.transip.eu

MX

100 maassluis-nl.mail.protection.outlook.com

TXT

Show 5 TXT records

5348e2dba894bd7ecf1045e6c7f15eb37be44be9c468f66c8400ebb73f194fe2
65c77382490050107e6c7d3272f6d4980076f90f1a8f7f31621960dc18755a0d
yLdQjDLtlOqoyHKJb6PVKOryz1aDgkVNKVmr2TND3t4+H6XpRURUjq0/DBSgfiAZVEi3MoiOiQX0dGvQM/BQ5Q==
v66h23rhgttysv0ts9d2g1jfnxwpdq63
beedabee80c2d57be378d2c272335af887fde149c13977b9a15ff6e4359ec744

Verified for

Apple
Microsoft 365

Email authentication partial

SPF

v=spf1 mx include:spf.protection.outlook.com include:_spf.eu.mailgun.org include:spf.afas.online include:spf.pinkprivate.cloud include:hosting.regicare.nl -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWYCu0+YEPmh+HwzPnFVVtoMRQQ4VF1xtYunIDzKkM7pEwyzEUR3PX8KaZ/7eP507XCuTKvR4krus7u/0Nk2…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qSDBSP4q3hhFTeCM/sEgHbcL8YD4D9XKZ0RA2CMSq3GEolmBlLVvwXb/0FB2eFrY4AjvxUIuIe+e/lmyD…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWQFRPMHq8xyAxGkEM53W5FasbKy4Y79U+4HNQDVJ2NDRFhUDobn1rDR++1/E0S04NrWo7JAmgjDftAVPxLfj3kr…

selectors probed

Certificate (current)

Thawte TLS RSA CA G1

from 2026-03-25 to 2026-10-10

Expires in 130 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.maassluis.nl/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Permissions Policy

Header values

referrer-policy: same-origin
x-content-type-options: nosniff
content-security-policy: default-src 'self'; img-src * data: 'unsafe-inline' blob:; style-src * 'unsafe-inline' blob:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src *; form-action *; media-src *.readspeaker.com *.streamlock.net *.archieven.nl storage.googleapis.com scribit-pro-hosting.storage.googleapis.com scribit-pro.storage.googleapis.com app.talkjs.com *.bbvms.com *.cloudfront.net data: 'self' blob:; frame-src *; frame-ancestors 'self' https://*.polly.help; worker-src * 'unsafe-inline' blob:;
strict-transport-security: max-age=31536000
content-security-policy-report-only: default-src 'self'; img-src * data: blob:; style-src * 'unsafe-inline' blob: https://fonts.googleapis.com; font-src 'self' data: https://fonts.bunny.net https://fonts.gstatic.com https://cuatro.sim-cdn.nl https://cuatro.sim-cdn-acceptatie.nl https://cuatro.sim-cdn-test.nl; script-src 'nonce-YTYxNWYxMzctODY1My00NWY5LWFhYmMtNmRhZTQ0NTNiNDdi' 'strict-dynamic' 'report-sample'; connect-src *; form-action 'self'; media-src https://*.readspeaker.com https://*.streamlock.net https://storage.googleapis.com https://scribit-pro-hosting.storage.googleapis.com https://scribit-pro.storage.googleapis.com https://app.talkjs.com 'self' blob:; frame-src *; frame-ancestors 'self' https://*.polly.help; worker-src * 'unsafe-inline' blob:; report-uri /api/csp-report