netherlandsandyou.nl

HTML metadata

Title

Netherlandsandyou.nl - Netherlands and you | The Netherlands and you

Description

The website is powered by the Dutch representations worldwide: embassies, consulates and trade offices. Netherlandsandyou is connecting you with the Netherlands.

Language

en-GB

Canonical

https://www.netherlandsandyou.nl

Translations

es ×4
ca ×3
en ×3
fr ×2
nl ×2
pt ×2
sr ×2
zh ×2
ar
bg
cs
da
de
el
et
eu
fa
fi
gl
hi
hr
hu
in
it
iw
ja
kk
ko
lo
lt
ms
nb
pl
ro
ru
sk
sl
sv
ta
th
tr
uk
vi

Open Graph

url: https://www.netherlandsandyou.nl
title: Netherlandsandyou.nl - Netherlands and you - NAY
locale: en_GB
image:url: https://www.netherlandsandyou.nl/documents/3369128/4615876/USA-amsterdam-rainbow-dress-LGBTIQ-activism.jpg/bbf377eb-a14f-519f-416c-fc86527865b8?version=1.0&t=1693302437826&imagePreview=1
site name: Netherlands and you
description: The website is powered by the Dutch representations worldwide: embassies, consulates and trade offices. Netherlandsandyou is connecting you with the Netherlands.
locale:alternate: zh_TW

Technology

Server: Apache

Social

Registration

Registrar

Rijksoverheid

Created

2016-08-18

Updated

2021-10-02

Name servers

ns0.rijksoverheidnl.com
ns2.rijksoverheidnl.eu
ns3.rijksoverheidnl.org
ns1.rijksoverheidnl.nl

DNS records live

NS

ns0.rijksoverheidnl.com
ns1.rijksoverheidnl.nl
ns2.rijksoverheidnl.eu
ns3.rijksoverheidnl.org

MX

0

Verified for

Google

Email authentication strong

SPF: v=spf1 -all
strict (-all)
DMARC: v=DMARC1; p=reject;
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1

from 2025-05-28 to 2026-06-21

Expires in 31 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.netherlandsandyou.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), sync-xhr=(self), usb=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; child-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://statistiek.rijksoverheid.nl https://public.tableau.com https://unpkg.com/leaflet@1.9.4/dist/leaflet.js https://include.timeblockr.com; connect-src 'self' https://nominatim.openstreetmap.org https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://legacy.oipa.nl https://include.timeblockr.com https://shared002.api.timeblockr.cloud https://statistiek.rijksoverheid.nl https://www.rovid.nl; img-src * data: blob:; media-src 'self' https://www.rovid.nl; style-src 'self' 'unsafe-inline' https://unpkg.com/leaflet@1.9.4/dist/leaflet.css https://include.timeblockr.com; font-src 'self' https://include.timeblockr.com; frame-src 'self' https://public.tableau.com https://www.youtube.com https://www.youtube-nocookie.com https://player.vimeo.com; object-src 'self';
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin