indexo.dev

cordaid.org

.org crawl

First seen 2026-04-20 · Last seen 2026-05-14 · ok HTTP/1.1 200 1035 ms crawled 2026-05-14

US · 172.67.73.42 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

sector nonprofit type homepage

HTML metadata

Title
Working in and on fragility - Cordaid International
Description
We stand with those hit hardest by poverty and conflict. We support them to move beyond survival and to fully participate in equitable societies.
Language
en-US
Canonical
https://www.cordaid.org/en/

Open Graph

url
https://www.cordaid.org/en/
title
Working in and on fragility - Cordaid International
locale
en_US
site name
Cordaid International
description
We stand with those hit hardest by poverty and conflict. We support them to move beyond survival and to fully participate in equitable societies.

Technology

CDN
Cloudflare
CMS
WordPress
Cookie consent
  • Cookiebot

Third-party hosts loaded (2)

  • challenges.cloudflare.com×1
  • consent.cookiebot.com×1

Social

Contact

Phone

Registration

Registrar
Hosting Concepts B.V. d/b/a Registrar.eu
Created
2004-12-16
Expires
2026-12-16 211 days left
Updated
2026-01-30
Name servers
  • cory.ns.cloudflare.com
  • grace.ns.cloudflare.com

DNS records live

NS
  • cory.ns.cloudflare.com
  • grace.ns.cloudflare.com
MX
  • 5 cordaid-org.mail.protection.outlook.com
TXT
  • 3DnksfyxNgF3vuZu0aN7rfLbO7UXP9A0zmwqRCaMM/iVqWQJl/1OyvpSR5vI1EhEWm6Cg9Oq9bF0SK1TkAGzIA==
  • MS=ms47459115
  • docusign=475f6bc6-d91f-4a6b-bed5-27805ec052fc

Email authentication partial

SPF
v=spf1 include:spf.mailjet.com include:smtp.hroffice.eu include:spf.flowmailer.net include:_spf.mailplus.nl include:spf.protection.outlook.com include:spf.afas.online include:_spf.shared.lvl.li ip4:92.112.193.128 ip4:134.209.196.7 IP4:84.241.182.106 IP6:2001:1690:2:416::167 ip6:2a03:b0c0:2:f0::106:e001 include:mailgun.org -all
strict (-all)
DMARC
v=DMARC1; p=none; pct=100; fo=1; ri=3600; sp=none; aspf=r; rua=mailto:c5210bf@dmarc.mailgun.org,mailto:7fcd17eb@inbox.ondmarc.com,mailto:re+ue6qcj8cye6@dmarc.postmarkapp.com; ruf=mailto:c5210bf@dmarc.mailgun.org,mailto:7fcd17eb@inbox.ondmarc.com;
policy: none (monitoring only) · sp=none
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvgVilYM/H1JOqkASaxsDcVqalRuIeQGLgX71XBVpVgWG8VlCAT6ZQWLc86FqIVJ6iPEhCqge8vuxLyS4yjj…
selectors probed

Certificate (current)

WE1
from 2026-03-30 to 2026-06-28
Expires in 40 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.cordaid.org/en/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https: data:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src *; media-src https: data: blob:; worker-src https: blob:; frame-src 'self' https:; frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=15552000

Links to (6)

Linked from (6)