ncoi.nl

HTML metadata

Title: De opleider van werkend Nederland | NCOI Opleidingen
Description: Bij NCOI Opleidingen vind je ruim 1.250 opleidingen in vrijwel elk vakgebied. Studeer in deeltijd en op elk niveau: MBO, HBO en Master
Language: nl-NL

Technology

CDN: Cloudflare
CMS: Next.js
JS framework: Next.js

Analytics

Cloudflare Insights

Third-party hosts loaded (3)

assets-eu-01.kc-usercontent.com×6
kdpd7zy063-dsn.algolia.net×1
static.cloudflareinsights.com×1

Social

Contact

Phone

0356400411

Address

Marathon 7, 1213 PD, Hilversum, Noord-Holland, NL

Registration

Registrar

Realtime Register

Created

1997-01-12

Updated

2024-10-29

Name servers

ashley.ns.cloudflare.com
norman.ns.cloudflare.com

DNS records live

NS

ashley.ns.cloudflare.com
norman.ns.cloudflare.com

MX

5 d304702.a.ess.de.barracudanetworks.com
5 d304702.b.ess.de.barracudanetworks.com

TXT

oek1zagMk+mAAQ2OvQz4uyT8iPTfhMmmkh+JEdOOVXSlWj+4Eow53a7msDJId+LBCacRryY/NyuSsRb7NkHdJg==
253e2c8070d325b88b9754226334cbb05622fba2e08c3f2064a12a0824b09a03
BPL=7780121

Verified for

DocuSign
Dynamics 365
Google
Meta
Miro
OpenAI

Email authentication strong

SPF

v=spf1 a include:spf.oplg.nl include:spf.eprov.eu include:spf.protection.outlook.com include:lms.plusport.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:rua+ncoi.nl@dmarc.barracudanetworks.com; ruf=mailto:ruf+ncoi.nl@dmarc.barracudanetworks.com

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo568B/0eXa3s0kQQMuCoM93aU7AF+vXhVoz4GKjqZ4nUk+H2D/uwXvUfQGKi66IoQgrZUB/UHNq2rh…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/EKuMFHR6yXmcJRl5I5QLe3YtQdH62aa8n0tzn9L3EB+dTa4vJ7S7oKWQFpNGnO6w2iZxz7J6BXWzjs7o1…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsjZMXEgP+ok4LsspL2PJXZBpsGt1BwOXSiakbm76W8Q1F3BtcJwZPzeLdin929rPLy+u4CUq+hLCyDIvWIk2v+f…

selectors probed

Certificate (current)

WE1

from 2026-05-07 to 2026-08-05

Expires in 66 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.ncoi.nl/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://*.uniform.app https://uniform.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes' https://uniform.app https://*.uniform.app https://*.wozzbot.com https://*.googletagmanager.com https://*.segment.com https://*.youtube.com https://*.jsdelivr.net https://*.hsforms.net https://*.osano.com https://*.cloudflareinsights.com https://*.bing.com https://*.licdn.com https://*.facebook.net https://*.doubleclick.net https://*.clarity.ms https://*.google.com https://*.gstatic.com; worker-src 'self' blob:; connect-src 'self' https://*.wozzbot.com https://*.hsforms.com https://*.bugsnag.com https://*.segment.com https://*.algolianet.com https://*.algolia.net https://*.algolia.io https://*.kontent.ai https://*.netlify.app https://*.opleidingsgroep.nl https://*.ncoi.nl https://*.osano.com https://*.bing.com https://*.bing.net https://*.clarity.ms https://*.doubleclick.net https://*.google.com https://*.google.nl https://*.google.pt http
strict-transport-security: max-age=31536000