indexo.dev

hsv-royals.nl

.nl crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 423 ms crawled 2026-05-30

NL · 83.96.237.252 · AS35470 Signet B.V.

Reputation 100/100

Classifying

HTML metadata

Title
HSV Royals - Honkbal voor de hele regio - Royals Honkbal Boxmeer
Language
nl
Canonical
https://www.hsv-royals.nl/home/

Open Graph

url
https://www.hsv-royals.nl/home/
title
HSV Royals - Honkbal voor de hele regio
locale
nl_NL
site name
Royals Honkbal Boxmeer

Technology

Server
nginx
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns1.cybox.nl
  • ns2.cybox.eu
MX
  • 10 mx.spamexperts.com
  • 20 fallbackmx.spamexperts.eu
  • 30 lastmx.spamexperts.net
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:_spf.cybox.email -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@cybox.nl; ruf=mailto:dmarc-reports@cybox.nl;
policy: quarantine
DKIM
  • default: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO3dKYiQwnRjrGeqMwHW78m3s+5Zx59PKYcdTS1O0SD/x/kbMWdgLvBxv/PWG3I9GzAYxdcagfrJtGDX7xfV3…
  • k1: v=DKIM1; s=email; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ow2km0bvykgY0lnksxGx0MfFYNTwgm1t88GexlYE+YVj24cIzqavOgUcrGH4EulyKrAe…
selectors probed

Certificate (current)

R13
from 2026-05-15 to 2026-08-13
Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.hsv-royals.nl/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com *.foys.tech 'report-sample'; script-src 'nonce-366c6930aa3676823a505a611330749a' 'strict-dynamic' 'self' https: 'unsafe-inline' 'report-sample'; img-src 'self' data: i.ytimg.com i.vimeocdn.com www.googletagmanager.com https://*.google-analytics.com https://*.googletagmanager.com https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com *.foys.io; frame-src 'self' www.youtube.com player.vimeo.com *.google.com; connect-src 'self' www.googletagmanager.com www.google.com https://*.analytics.google.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleapis.com *.google.com https://*.gstatic.com data: blob: *.foys.io *.foys.tech cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; base-uri 'self'; font-src 'self' fonts.gstatic.com; frame-ancestors 'self'; object-src 'none'; report-to csp-reports;
strict-transport-security
max-age=63072000; includeSubDomains

Links to (6)

Linked from (1)