nvrg.nl — domain check, WHOIS, DNS & reputation

HTML metadata

Title: NVRG: Nederlandse Vereniging voor Relatie- en Gezinstherapie
Description: Het kwaliteitsregister en de beroepsvereniging voor relatie- en gezinstherapeuten (systeemtherapeuten) en systeemtherapeutisch werkers.
Canonical: https://www.nvrg.nl/home

Open Graph

url: https://www.nvrg.nl/home

Technology

Server: ws
Stack: ASP.NET

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Email

nvrg@nvrg.nl

Phone

020-6123078

DNS records live

NS

ns1.yourwebhoster.com
ns2.yourwebhoster.com
ns3.yourwebhoster.nl
ns4.yourwebhoster.nl

MX

0 nvrg-nl.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:109.71.54.18 ip4:149.210.191.32 include:spf.protection.outlook.com include:spf.nvrg.livits.net include:spf.pe-online.org include:amazonses.com include:relay.mailchannels.net ~all

softfail (~all)

DMARC

v=DMARC1;p=none;sp=none;adkim=r;aspf=r;pct=100;fo=0;rf=afrf;ri=86400

policy: none (monitoring only) · sp=none

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveH0Zmlp7PvYwvVhW7ByfIgdlKzQLi6mhH1UgjwmFyhDwjEMVv3KJDwpzKLgJPTstodohxu9KSmOS9…

selectors probed

Certificate (current)

Trust Provider B.V. TLS RSA EV CA G2

from 2025-06-23 to 2026-07-01

Expires in 28 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.nvrg.nl/home

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(self), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), hid=(), idle-detection=(), serial=(), window-placement=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self';object-src 'self' *.youtube.com *.vimeo.com *.google.com *.googleapis.com; img-src 'self' *.s3.eu-west-1.amazonaws.com blob: data: *.googleapis.com *.gstatic.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.google.com *.google.nl *.g.doubleclick.net; style-src 'self' 'unsafe-inline' cdn.livits.net *.fontawesome.com *.googleapis.com *.ogone.com https://use.fontawesome.com https://cdnjs.cloudflare.com https://stcdnlivits.blob.core.windows.net; connect-src 'self' *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.google.com *.google.nl *.g.doubleclick.net https://adservice.google.com https://maps.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.livits.net *.googleapis.com *.google.com *.gstatic.com *.google-analytics.com *.googletagmanager.com *.ogone.com https://platform.twitter.com https://maps.googleapis.com https://code.jquery.com/jquery-migrate-1.2.1.js; frame-src 'self' *.google.com https://www.youtu
strict-transport-security: max-age=31536000;includeSubDomains

Links to (3)

Linked from (2)

yucelmethode.nl×1
huisvanrelaties.nl×1