indexo.dev

fbo.nl

.nl crawl

First seen 2026-05-27 · Last seen 2026-05-27 · ok HTTP/1.1 200 186 ms crawled 2026-05-30

NL · 193.34.167.146 · AS62370 Snel.com B.V.

Reputation 100/100

Classifying

HTML metadata

Title
FBO – Federatie van betaald voetbal organisaties
Language
nl-NL
Generator
WordPress 6.9.4
Canonical
https://fbo.nl/
Feeds

Technology

Server
LiteSpeed
CMS
WordPress 6.9.4
PHP
8.4.21
jQuery
3.7.1
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • code.jquery.com×2
  • fonts.googleapis.com×2
  • maps.googleapis.com×2
  • cdnjs.cloudflare.com×1
  • gmpg.org×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone

DNS records live

NS
  • ns1.effectivahosting.nl
  • ns2.effectivahosting.nl
  • ns3.effectivahosting.nl
MX
  • 0 fbo-nl.mail.protection.outlook.com
TXT
  • nVz6ZSJMMWmI8wfKwpnu766iA1JpGNAU
  • 9dc0fd9d-460a-473c-b91b-a9d7a35311dc
  • U3Tl65tePTzx8POziYUlIHhO3hFDuEUj
Verified for
  • Apple
  • Brevo
  • Microsoft 365

Email authentication strong

SPF
v=spf1 a mx include:_spf.beehost.eu include:spf.protection.outlook.com include:spf.sendinblue.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; adkim=s; aspf=s
policy: quarantine
DKIM
  • default: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCvrD8ZWkY7RrOpGX9JNuC09GDHZdURof5uMisAdzTrEyrV0IQsToR0NLjdDuK4vrZAelN8uyp6KEYGULOu5w…
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

R12
from 2026-04-22 to 2026-07-21
Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://fbo.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: wss:; frame-src 'self' blob: https://*; media-src 'self' https: *; worker-src 'self' blob: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https:; style-src 'self' 'unsafe-inline' https:;
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (2)

Linked from (1)