nki.nl

HTML metadata

Title: NKI | Netherlands Cancer Institute
Description: The NKI comprises an internationally acclaimed research institute as well as a dedicated cancer clinic | Today’s research for tomorrow’s cure
Canonical: https://www.nki.nl/home

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Email

communicatie@nki.nl

Phone

020 512 9111

Address

Plesmanlaan 1211066CX Amsterdam

Registration

Registrar

SURF B.V.

Created

1988-12-13

Updated

2025-10-09

Name servers

ns1.surfnet.nl
hermes.nki.nl
athena.nki.nl

DNS records live

NS

athena.nki.nl
hermes.nki.nl
ns1.surfnet.nl

MX

10 nki-nl.mail.protection.outlook.com

TXT

Show 9 TXT records

adobe-idp-site-verification=187da163262fa7d7fd34409495e3ae4b1add9c8dd72bdc07c95d3ee3379e554f
00D0Y000002F3wk=1TBP400000001aR
MS=ms60898922
GXPwM5fhTJeOJzqq1tRrE14OJ0voX0LTLpuyGbkXWc8=
MS=F99931D6C9629CA72A3C79D1BF9FBAAF860B4D30
linear-domain-verification=g8id63rnbhsr
vmware-cloud-verification-bef81d0c-befc-4b7b-8bf1-ff7c579b47d1
apple-domain-verification=wn19ZUTnWefjP69H
HARICA-RcdivP3RCm2mv3VqpXl

Email authentication strong

SPF

v=spf1 include:_spfout.mf.surf.net include:_spf.nki.nl include:_spf_kwf.nki.nl include:_spf.relay.zorgmail.nl include:spf.afas.online include:_spf.zivver.com include:spf.mandrillapp.com include:spf.protection.outlook.com ip4:62.50.13.64/28 ip4:194.158.15.0/25 ip4:80.84.235.70 ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; sp=reject; rua=mailto:8k490.rua@portal.dmarcsaas.com;

policy: reject (enforced) · sp=reject

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXq2r/fEdoGlXezJ7eGy/Rdms+yJP4KDF4o1/50dgnGm01iTA1N+993Mw3/5H8rVBT4qIV1y2tDLU1eggsDd…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs93mW05d95xmPktbRiwzxvg5BywNHM8ru9DBNVu96ZX4CIlElEYiDJlGee2Smu+KpDD74oS0GAJm24…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

GEANT TLS RSA 1

from 2025-10-17 to 2026-10-17

Expires in 151 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.nki.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: autoplay=(*), geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(*), payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://api.elmah.io https://*.basicorangeumbraco13template.nl https://basicorangeumbraco13template.nl https://basicorangeumbraco13template.nl:* https://cdn.jsdelivr.net https://*.youtube.com https://*.youtube-nocookie.com https://*.ytimg.com https://*.hotjar.io https://*.hotjar.com wss://*.hotjar.com https://*.facebook.net https://*.facebook.com https://*.google.com https://*.google.nl https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.adform.net https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://cx.atdmt.com https://tagmanager.google.com https://www.googletagmanager.com https://i.vimeocdn.com https://player.vimeo.com https://*.vimeo.com https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://www.google.com https://*.local https://*.botest.nl https://*.basicorange.nl https://*.basicorangeumbraco13template.nl https:
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (2)

ubiquitin-wuerzburg-2022.de×1
flindrtx.com×1