obvion.nl

HTML metadata

Title: Hypotheken vanuit het hart - Obvion Hypotheken - Obvion Hypotheken
Description: Hypotheken vanuit het hart: dat is Obvion. Want wij vinden dat hypotheken moeten kloppen. En blijven kloppen! Volg ons ritme en ontdek hoe wij samen met de onafhankelijke adviseur vinger aan de pols houden. Nu, straks en de komende 30 jaar.
Language: nl-NL
Canonical: http://obvion.nl/

Open Graph

url: http://obvion.nl/
title: Obvion
description: Hypotheken vanuit het hart: dat is Obvion. Want wij vinden dat hypotheken moeten kloppen. En blijven kloppen! Volg ons ritme en ontdek hoe wij samen met de onafhankelijke adviseur vinger aan de pols houden. Nu, straks en de komende 30 jaar.

Technology

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (3)

cdn.cookielaw.org×2
channel.me×1
www.googletagmanager.com×1

Social

Contact

Phone

2147483646

Registration

Registrar

Registrar.eu

Created

2001-11-16

Updated

2025-10-23

Name servers

a3-64.akam.net
a5-67.akam.net
a1-167.akam.net
a10-67.akam.net
a12-65.akam.net
a26-64.akam.net

DNS records live

NS

a1-167.akam.net
a10-67.akam.net
a12-65.akam.net
a26-64.akam.net
a3-64.akam.net
a5-67.akam.net

MX

0 obvion-nl.g-v1.mx.microsoft

Email authentication strong

SPF

v=spf1 include:sendgrid.net include:_spf.spotler.email include:spf.protection.outlook.com a:sweeper.stater.com a:smtp.courseware.nl a:mailout.fasterforward.nl include:_spf.salesforce.com ip4:20.50.225.156 ip4:51.105.144.209 include:spf.flowmailer.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc_agg@obvion.nl; ruf=mailto:dmarc_afrf@obvion.nl; fo=1; pct=100

policy: reject (enforced)

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3NfMCJF3ZubZM5ZgM53SFb5lz8CeH+FMsJYQt8TitAL40rCRmQzMH5wuAiRLFBpa3fkWUK8V0j5F10aTK0Q…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfKPlxMufDNAhWHd5iKifA4ctuKPnL2trIGmWNs9FiQMaOJC9j+j/sFZNb3WRg6v+fxYZkzTRX1vLVh/FHwE…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogOdjuaXkxApg3vGfb336Z8klY+2KD4rMdyJOBzX+ZGoPcT5RhlByMkBetuwVXoh63PE8EcnDjhS/zLXvK…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi70097ff1LjCCUmwiXXD4VHe831sZrRUecwQJxnzYBMvXK5rAHwskniH1yzQfX78aU1u6F0lPCWiTZ2H0…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA EV R36

from 2026-02-26 to 2027-02-27

Expires in 271 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://obvion.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://*.gstatic.com https://code.jquery.com https://ajax.aspnetcdn.com https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://*.hotjar.com channel.me https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://*.hotjar.com https://fonts.googleapis.com; img-src 'self' *.vimeocdn.com blob: data: https://maps.googleapis.com https://*.gstatic.com https://googleusercontent.com https://cdn.cookielaw.org https://*.googleapis.com *.google.com *.googleusercontent.com https://i.ytimg.com; media-src 'self'; frame-src 'self' https://www.google.com https://www.youtube-nocookie.com https://player.vimeo.com https://channel.me https://*.google.com; font-src 'self' https://fonts.googleapis.com h
strict-transport-security: max-age=31536000; includeSubDomains