indexo.dev

cea.nl

.nl crawl

First seen 2026-05-21 · Last seen 2026-05-27 · ok HTTP/1.1 200 4766 ms crawled 2026-05-27

SE · 217.114.94.2 · AS30811 Optimizely AB

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Commissie Eindtermen Accountantsopleiding
Description
CEA is een zelfstandig bestuursorgaan dat een publiek belang dient. CEA voert verschillende wettelijke taken uit en draagt zo bij aan kwalitatief goede accountants.
Language
nl-NL

Open Graph

url
https://www.cea.nl/
title
Commissie Eindtermen Accountantsopleiding
description
CEA is een zelfstandig bestuursorgaan dat een publiek belang dient. CEA voert verschillende wettelijke taken uit en draagt zo bij aan kwalitatief goede accountants.

Technology

CDN
Cloudflare
CMS
Gatsby
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Contact

Email

DNS records live

NS
  • ns1.argewebhosting.eu
  • ns2.argewebhosting.com
  • ns3.argewebhosting.nl
MX
  • 10 cea-nl.mail.protection.outlook.com
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:sendgrid.net mx ip4:194.165.34.0/24 include:spf.topdesk.net include:_spf.argewebhosting.nl ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kHAiYfoezBm+Uok/F6J6YTnqz+Q0kANhPrN2D5EFZrmEkkzLS2Do5ldLAc8fmI9HMJyTUcRGvEZuJ…
selectors probed

Certificate (current)

WE1
from 2026-05-07 to 2026-08-05
Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.cea.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://use.typekit.net https://www.googletagmanager.com https://cdn.optoutadvertising.com https://www.google.com https://*.mtcaptcha.com https://www.gstatic.com https://www.google-analytics.com https://js.monitor.azure.com https://api.fontshare.com https://maps.googleapis.com https://cdn.jsdelivr.net/npm/feather-icons@4.29.0/dist/feather.min.js https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js https://cdnjs.cloudflare.com/ajax/libs/markdown-it/8.3.0/markdown-it.min.js; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://api.fontshare.com https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css; img-src 'self' data: https://storage.googleapis.com https://nba.elmaonline.nl https://p.typekit.net https://www.googletagmanager.com https://maps.googleapis.com https://map
strict-transport-security
max-age=2592000
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Links to (1)

Linked from (1)