indexo.dev

nebosh.org.uk

.uk crawl

First seen 2026-04-13 · Last seen 2026-05-18 · ok HTTP/1.1 200 3833 ms crawled 2026-05-07

US · 172.66.167.159 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Home - NEBOSH
Description
Globally recognised Health, Safety & Environmental Qualifications. The National Examination Board in Occupational Safety and Health (NEBOSH) is an awarding body established in 1979. Our globally recognised health and safety and environmental management qualifications help to raise the competence of safety and environmental professionals as well as individuals at all levels in the workplace.
Language
en

Open Graph

title
Home
site name
NEBOSH
description
Globally recognised Health, Safety & Environmental Qualifications. The National Examination Board in Occupational Safety and Health (NEBOSH) is an awarding body established in 1979. Our globally recognised health and safety and environmental management qualifications help to raise the competence of safety and environmental professionals as well as individuals at all levels in the workplace.

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
  • Google Tag Manager
Cookie consent
  • Usercentrics
Social widgets
  • YouTube Embed

Third-party hosts loaded (5)

  • app.usercentrics.eu×1
  • static.cloudflareinsights.com×1
  • static.srcspot.com×1
  • www.googletagmanager.com×1
  • www.youtube.com×1

Social

Contact

Phone
Address
Dominus Way, Meridian Business Park,Leicester,LE19 1QWtel: +44 (0)116 263 4700Registered in England and Wales number 2698100.Registered charity number 1010444

Registration

Registrar
GoDaddy.com, LLC.
Created
1999-02-26
Expires
2027-02-26 282 days left
Updated
2026-01-15
Name servers
  • aiden.ns.cloudflare.com.
  • ivy.ns.cloudflare.com.

DNS records live

NS
  • aiden.ns.cloudflare.com
  • ivy.ns.cloudflare.com
MX
  • 1 eu-smtp-inbound-1.mimecast.com
  • 1 eu-smtp-inbound-2.mimecast.com
TXT
Show 13 TXT records
  • smartsheet-site-validation=cUhP-EGZeFpfj2Ur9hVyxJlP0f8Dl_3E
  • 0ed1fe018a5451c359d70b4cbf9a257ef600568ad1
  • M64NB57PI3
  • MS=94301F1C4279EA7B0298399F8861A5E88E74C03A
  • ZA=7hqj0K1tBpU8nQI/O9PInA==
  • atlassian-domain-verification=0LIfey4zp9ybm3Y2xiZF7pLiMUEM3LTf7pIleazTyV76symMBRqwSqSfmfmhxjAV
  • canva-site-verification=ByINvGJeXiKtJyGfMZR2oA
  • e 00D000000000P08=1TB00000000000B
  • google-site-verification=eOrBfDuZ20zeVIWBN--_MZjvwrUXtxX1aJOT-f2rtmo
  • lastpass-Y5LqQ%6^wpZBRF6n2PGoT$a@WGbtFYtzY1v5#IBe*YN@UAcs2O%3@v2OSBxFp7LsGgOf#CARJDU!P$hYEY2ZsbfA*ytdj&5t1&4
  • meltwater_sso_20250905
  • miro-verification=39325a454f8330898f706cc7ae2d177e9f79b9d9
  • remarkable-domain-verification=4b53d874-910b-44d6-9139-2663f04c7769

Email authentication strong

SPF
v=spf1 ip4:5.172.153.64/27 ip4:83.138.173.144/32 IP4:4.159.16.14/32 include:_spf.netxtra.net include:amazonses.com include:eu._netblocks.mimecast.com include:ciphr247.com include:spf.eu.exclaimer.net include:spf.mailjet.com include:_spf.psm.knowbe4.com include:_spf.salesforce.com include:spf.protection.outlook.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:37b5825ae218489eba4414fb2eb7325e@dmarc-reports.cloudflare.net
policy: quarantine
DKIM
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCm/2QrWFm8RFAMHjZfGD9yXfTDXshmoJDEgq5g7NrS3WXt8Si+Qr2cMfZaqmrCLc+ykaKeR2AYacAFMyXg8LvRSRlg96V…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG879Hkd+oN7Kh1D3V3yTYSEWen7j1IGz3paQ494Yl91D5ugUzvOfqJ2TmHIHwbl58ngilTHJ2GvqCZ8dw…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxb7Aw+MRN9yLt8AQHgs7En24ni3cOKgQ6qQygnKdPOBlaOnCrXzJt20XB2/5cxDC+n0k8BG5NaOyp3yWl…
selectors probed

Certificate (current)

WE1
from 2026-04-21 to 2026-07-20
Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.nebosh.org.uk/home/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • weak content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
sameorigin, SAMEORIGIN
x-content-type-options
nosniff, nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval' wss:; img-src * data:;
strict-transport-security
max-age=7776000; includeSubDomains

Links to (8)

Linked from (6)