overijssel.nl

HTML metadata

Title: Provincie Overijssel - Provincie Overijssel
Description: Provincie Overijssel: een prachtige provincie om te wonen, te werken en te recreëren. Samen met u bepalen wij de toekomst van onze provincie.
Language: nl
Canonical: https://www.overijssel.nl/

Open Graph

url: https://www.overijssel.nl/
title: Provincie Overijssel
description: Provincie Overijssel: een prachtige provincie om te wonen, te werken en te recreëren. Samen met u bepalen wij de toekomst van onze provincie.

Technology

Third-party hosts loaded (2)

cloudstatic.obi4wan.com×1
siteimproveanalytics.com×1

Social

Contact

Email

Phone

DNS records live

NS

nsauth1.introweb.nl
nsauth2.introweb.nl
nsauth3.introweb.net

MX

10 overijssel-nl.m-v1.mx.microsoft

TXT

Show 8 TXT records

1h0LGB5YaIZ0BDrSXP4XsKAqveN8T6+2IRV9hEeAZfs=
DomainVerification=52OV3K85VM6T8GBV6Y0UZ22Y82A11UUD2ZGZBDOYG68BO4C344WT64UJWM5K2EJ7
QuoVadis=95e3a260-c456-4c0b-a8fd-3ef5e9285fed
_2eo2pr28y9hkrq30qdfqtdtc86nnnop
iVQEegH6knxJaB4d/qBNuyG98Rkfqxc3UiXQw1uIk8cQtvFFQCrYZn9naScmgorKsoS7QQiXkNclUhmXUX86/w==
_2ybqwpf3sewvtm074lf2zjcmle9daql
wsp2jsfwgscgtt4hcn07qqgxgm5md8rb
_sucwvo3euruqswb7c7rjv3qxa5jwb9c

Verified for

Microsoft 365

Email authentication strong

SPF

v=spf1 include:mmbn6dm3gz.powerspf.com include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; sp=none; rua=mailto:01bsdre9@ag.eu.dmarcadvisor.com;

policy: quarantine · sp=none

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMpwxx+8xCU5bP5/4xPnhvRK/zHeI0KICslbHIwtZ+2r2uVGN2NJnohECQqDRSTeSbQDtNGI4+2L9nZnKL10…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHvPb0HoZTQgx/32dMp+PW8WaEYue2rAYVbMRkodRfqY+3rbD7weaL3FitLUVeG7TE2kmKM7QVI2UXUN6/…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5Em48iNcZmBNt2hLXYorGt56Zbd7zyS6TW96zVAa0nJ6R4YN/rRhh8VjNipnEe/I1EHvoH+FR0FINUsVu…

selectors probed

Certificate (current)

DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1

from 2026-02-24 to 2027-02-24

Expires in 268 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.overijssel.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
permissions-policy: sync-xhr=(self "https://services.geodataoverijssel.nl"), fullscreen=(self "https://www.youtube-nocookie.com" "https://www.vimeo.com"), geolocation=(), midi=(), camera=(), autoplay=(), accelerometer=(), payment=(), gyroscope=(), usb=(), document-domain=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' www.gravatar.com *.flickr.com player.vimeo.com *.vimeocdn.com *.cloudfront.net login.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com *.containers.piwik.pro player.vimeo.com www.google.com www.gstatic.com ajax.aspnetcdn.com *.siteimproveanalytics.com siteimproveanalytics.com *.flickr.com *.geodataoverijssel.nl widget.scribit.pro www.youtube.com *.obi4wan.com *.pusher.com e.infogram.com/js/dist/embed-loader-min.js; style-src 'self' 'unsafe-inline' *.obi4wan.com; img-src 'self' data: blob: i.ytimg.com *.vimeocdn.com 6011273.global.siteimproveanalytics.io live.staticflickr.com *.flickr.com dashboard.umbraco.com *.amazonaws.com; font-src 'self' data:; connect-src 'self' *.piwik.pro www.google.com api.scribit.pro *.containers.piwik.pro scribit-pro-hosting.storage.googleapis.com *.obi4wan.com *.pusher.com obipubvideo.s3.eu-central-1.amazonaws.com *.flickr.com; media-src 'self' scribit-pro-hosting.storage.googleapis.com; frame-src 'self' www.goog
strict-transport-security: max-age=31536000; includeSubDomains