vereniginghogescholen.nl

.nl crawl

First seen 2026-05-19 · Last seen 2026-05-31 · ok HTTP/1.1 200 16165 ms crawled 2026-05-23

NL · 46.22.188.216 · AS24586 Intermax Group B.V.

Reputation 100/100

sector education type homepage

HTML metadata

Title: Vereniging Hogescholen
Description: De Vereniging Hogescholen zet zich dagelijks in voor het beste onderwijs en onderzoek op 36 hogescholen. Samen met onze leden beïnvloeden we de politieke besluitvorming en zijn we een belangrijke gesprekspartner voor maatschappelijke organisaties en overheden.

Technology

Server: nginx

Analytics

Google Tag Manager

Cookie consent

Cookiebot

Third-party hosts loaded (2)

consent.cookiebot.com×1
www.googletagmanager.com×1

Social

Contact

Phone

(070) 312 21 21

Registration

Registrar

Prolocation B.V.

Created

2012-09-04

Updated

2020-08-16

Name servers

ns1.as41887.nl
ns4.as41887.it
ns2.as41887.eu
ns3.as41887.io

DNS records live

NS

ns1.as41887.nl
ns2.as41887.eu
ns3.as41887.io
ns4.as41887.it

MX

0 vereniginghogescholen-nl.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication strong

SPF: v=spf1 a ip4:95.128.93.170 ip4:212.204.207.3 ip4:185.46.182.209 ip4:217.100.3.50 ip4:94.228.133.0/24 include:spf.protection.outlook.com include:servers.mcsv.net include:spf.geenspam.mx include:spf.mandrillapp.com include:spf.afas.online ~all
softfail (~all)
DMARC: v=DMARC1; p=quarantine; rua=mailto:dmarc@verhog.uriports.com; ruf=mailto:dmarc@verhog.uriports.com; fo=1:d:s
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-04-14 to 2026-07-13

Expires in 42 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.vereniginghogescholen.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'unsafe-eval' 'unsafe-inline' consent.cookiebot.com consentcdn.cookiebot.com www.googletagmanager.com www.google-analytics.com www.google.com *.googletagmanager.com *.hotjar.com; style-src 'self' https: 'unsafe-inline'; connect-src 'self' https: consentcdn.cookiebot.com www.googletagmanager.com *.hotjar.com; frame-src 'self' https: www.youtube.com consentcdn.cookiebot.com public.tableau.com *.googletagmanager.com; frame-ancestors 'self'; form-action 'self' https: *.list-manage.com
strict-transport-security: max-age=31536000; includeSubdomains; preload