concordia.nl

.nl crawl

First seen 2026-05-22 · Last seen 2026-05-28 · ok HTTP/1.1 200 11858 ms crawled 2026-05-28

NL · 91.210.127.58 · AS20559 Fundaments B.V.

Reputation 94/100 dmarc monitor-only

sector entertainment type landing page

HTML metadata

Title: Kijk! Bij concordia beleef je Film en Beeldende Kunst. | Website
Language: [object Object]

Open Graph

url: https://www.concordia.nl/
title: Kijk! Bij concordia beleef je Film en Beeldende Kunst. | Website

Technology

CMS: Nuxt

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Registration

Registrar

team.blue nl B.V.

Created

1998-04-14

Updated

2025-04-03

Name servers

yadiel.ns.cloudflare.com
olivia.ns.cloudflare.com

DNS records live

NS

olivia.ns.cloudflare.com
yadiel.ns.cloudflare.com

MX

0 concordia-nl.mail.protection.outlook.com
10 concordia-nl.mail.protection.outlook.com

TXT

UNG2sKXcURvvkb/qP1H2mwlduAIrWfk82ms057kibOdl3ldg89WtRrtfg2v5U/hpLbl1giKhufW+Nln+kKf/Sw==

Verified for

Adobe
Google
Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.turbo-smtp.com include:_spf.cre8ion.nl include:spf.protection.outlook.com include:_spf.itix.nl include:_spf.exactonline.nl ip4:31.7.3.37 ip4:87.233.92.100 ip4:148.105.12.0/24 ip4:145.131.3.230 ip4:144.76.122.122 ip4:89.234.34.153 ip4:87.233.92.103 ip4:82.75.135.163 ip4:91.220.53.70 +a:ccultuurmenu.org -all

strict (-all)

DMARC

v=DMARC1; p=none; pct=100;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWD0aa9lz5mruUu49eg8VaUsZgojFBg1w5hgFCIEkLVdx2atl/PaJ68lt1pFqbZ3O7fiRxNQlkRYe6FamtBD…
mail: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6IhDjSUj/RFROQqa/k4AQopcQRPJpWXRdSQDdPDlhJe9vEP1pJFVpKHh7MsOre/t6qv…

selectors probed

Certificate (current)

R13

from 2026-05-11 to 2026-08-09

Expires in 69 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.concordia.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: unsafe-url
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=()
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.addtoany.com use.fontawesome.com *.youtube.com *.ytimg.com *.googleapis.com googleapis.com *.googletagmanager.com *.cloudflare.com *.vimeo.com cdn.jsdelivr.net recaptcha.net *.doubleclick.net *.facebook.net *.cookiecode.nl connect.facebook.net www.googleadservices.com googleads.g.doubleclick.net consent.cookiebot.com static.hotjar.com secure.adnxs.com script.hotjar.com localhost:44330 consentcdn.cookiebot.com ; style-src 'self' 'unsafe-inline' *.googleapis.com googleapis.com *.google.com *.addtoany.com cloud.typography.com *.myfonts.net *.typekit.net *.cloudflare.com cdn.jsdelivr.net *.cookiecode.nl *.facebook.net localhost:44330; font-src 'self' *.gstatic.com data: *.typekit.net *.cloudflare.com localhost:44330; img-src 'self' data: *.google-analytics.com *.analytics-google.com *.gstatic.com *.googleapis.com go
strict-transport-security: max-age=31536000

Links to (4)

Linked from (1)

ninetiesproductions.nl×1