woonstadrotterdam.nl

HTML metadata

Title: Woonstad Rotterdam
Description: Woonstad geeft je de ruimte om te wonen, werken en genieten in Rotterdam.
Language: nl
Canonical: https://www.woonstadrotterdam.nl/

Open Graph

url: https://www.woonstadrotterdam.nl/
title: Woonstad Rotterdam
site name: Woonstad Rotterdam
description: Woonstad geeft je de ruimte om te wonen, werken en genieten in Rotterdam.

Technology

CDN: Azure Front Door
CMS: Next.js

Social

DNS records live

NS

ns01.brandshelter.com
ns02.brandshelter.net

MX

0 woonstadrotterdam-nl.mail.protection.outlook.com

TXT

Show 6 TXT records

7QRlhTqOi/dsJtHEZdnf5QwVRvSc6L4QUwXsnDFQ+z5W5WQLissS9CQrPKinlTstZ/ul0QHh7Vzj7Qc2zq042Q==
detectify-verification=ac0fadb07e1901fd7e3626c28937dedf
atlassian-sending-domain-verification=9c913212-6d61-4820-845c-cdcd78df914f
KFDMDmiuZpBqW3W5dyJSmuTWcMy+Wy0GOlv7j0X1Tsk=
challenge.www.indienstbijwoonstadrotterdam.nl=6wmWtJA4CF_ceiYZyVNYkIUXRS7ljx7hSS_ppm6Fyss
_acme-challenge.indienstbijwoonstadrotterdam.nl=SGSQrdDLbqxECXldIopbiH961Y0qmQjQvWPDClhOl9s

Verified for

Apple
Atlassian
GlobalSign
Google
Microsoft
Microsoft 365
Miro

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:virtualmail.webpower.eu include:_spf.twinq.nl ip4:212.204.202.195 ip4:195.28.22.97 ip4:212.204.202.194 ip4:217.21.255.193 ip4:192.254.126.161 ip4:217.21.255.195 ip4:217.21.255.214 ip4:87.233.193.40 ip4:213.109.77.155 ip4:213.109.77.131 ip4:213.109.77.135 ip4:46.31.48.0/21 include:spf.afas.online include:spf.topdesk.net include:sendgrid.net include:_spf.salesforce.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc.rua@woonstadrotterdam.nl

policy: quarantine

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC01rHyVBsZ6xMjEI0Sqr34//CchVngyy+mSBlONahedhhkJVmTRK/GyeHB06X8CoeVGzALZ/dJyDEHNIvRlR…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM5B5n91k8B4UdO9NouhwTOWgQuTf/agHPVvARta7Z3Kw6g+fdC93Ez3J/BkM0XQhqciR/3dst5bbu…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3zAG2jrJtpJ2VgBuDsd7rrNkRwwhJ6i3LePPslhZgbfDJ3zs2PTzQ4+WeAmJMpVPiCHcEG+jy1zb+7mr5…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8vG8stZXDXHBxlfkDcMwGSY9T+yf9G4pInRuQyURZB5Dl59ZTd1llBYo+F+tgiqn/HUkXRV/aFRrajNMCM…

selectors probed

Certificate (current)

R13

from 2026-04-07 to 2026-07-06

Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.woonstadrotterdam.nl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' https://wrf-test-app-api-gateway.azurewebsites.net https://wrf-acc-app-api-gateway.azurewebsites.net https://wrf-prod-app-api-gateway.azurewebsites.net https://api.mapbox.com https://events.mapbox.com https://consentcdn.cookiebot.com https://consent.cookiebot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://google.com https://www.googleadservices.com https://connect.facebook.net https://px.ads.linkedin.com https://www.google.nl https://api.v2.openstadwoonstad.nl https://*.in.applicationinsights.azure.com https://js.monitor.azure.com https://www.facebook.com/tr/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.googletagmanager.com https://consent.cookiebot.com https://*.googlesyndication.com https://static.hotjar.com https://snap.licdn.com https://consentcdn.cookiebot.com https://connect.facebook.net https://px.ads.linkedin
strict-transport-security: max-age=63072000; includeSubDomains; preload