indexo.dev

bambooclothing.co.uk

.uk crawl

First seen 2026-05-15 · Last seen 2026-05-15 · ok HTTP/1.1 200 946 ms crawled 2026-05-20

US · 104.18.13.168 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
BAM Clothing: Activewear that moves us forward
Description
Designed for performance, led by innovation. Super-soft natural, organic and circular fabrics. B Corp Certified. Yoga pants, leggings...
Language
en-GB
Generator
XforWooCommerce.com - Improved Badges for WooCommerce
Canonical
https://bambooclothing.co.uk/

Open Graph

url
https://bambooclothing.co.uk/
title
Homepage
locale
en_GB
site name
BAM Clothing
description
Designed for performance, led by innovation. Super-soft natural, organic and circular fabrics. B Corp Certified. Yoga pants, leggings...

Technology

CDN
Cloudflare
CMS
WordPress
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot
Fonts
  • Google Fonts
Third-party hosts loaded (10)
  • www.googletagmanager.com×3
  • api.feefo.com×2
  • cdn-4.convertexperiments.com×1
  • consent.cookiebot.com×1
  • eu1-config.doofinder.com×1
  • fonts.googleapis.com×1
  • fonts.gstatic.com×1
  • gepi.global-e.com×1
  • gsstatic.greenstory.ca×1
  • static.klaviyo.com×1

Social

Contact

Phone

DNS records live

NS
  • bayan.ns.cloudflare.com
  • kiki.ns.cloudflare.com
MX
  • 0 bambooclothing-co-uk.mail.protection.outlook.com
TXT
  • bjscq8kj8k90qqd1m3d80myx30z5fkcc
  • klaviyo-site-verification=TmMdAX
  • vpe=edcbf0a8
Verified for
  • Google

Email authentication strong

SPF
v=spf1 mx a include:sendgrid.net include:u6460960.wl211.sendgrid.net include:emarsys.us include:emarsys.net include:spf.protection.outlook.com ~all
softfail (~all)
DMARC
v=DMARC1;p=quarantine;sp=quarantine;pct=100;rua=mailto:3d2827887a@rua.easydmarc.eu,mailto:systems@bambooclothing.co.uk;ruf=mailto:3d2827887a@ruf.easydmarc.eu;ri=86400;aspf=r;fo=1
policy: quarantine · sp=quarantine
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwSpsNRkpU8wTyXPHPBxvjFhpz8UScoz38OMeKNGsheBsLRw72AvM73tet77h3dt5FXlT5ls6wDzPv57/p4g…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunNekrUQnitH4ElLg0fkuHq19pgLBaPvxXZlbFpA/lM6RHM5xtZPmiU34QYpI9CbAXMKkwijJ6qUV9…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04WdXZFjybFHdVHdECeP1epceVj67HrxanzgiN0+CQRVCBW9+k4MdIHyddXFKcPo9u4ds39/kH5TVFC7OX…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpZb4/uqReAGsZ2DAal0Q39Wp2h5WqhsLPCPbicXR2YzUw57x6ifl1iFBrIILUVZMXGrW7C8T4m29t+kKrPD/j+j…
selectors probed

Certificate (current)

WE1
from 2026-04-16 to 2026-07-15
Expires in 55 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://bambooclothing.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' bambooclothing.co.uk *.stripe.com *.js.stripe.com *.stripe.network *.jquery.com *.paypal.com *.paypalobjects.com *.cloudflare.com *.global-e.com *.google.com *.google.co.uk *.googletagmanager.com *.googleapis.com *.google-analytics.com *.googleadservices.com *.gstatic.com *.bing.com *.doubleclick.net *.akamaized.net *.appspot.com *.scarabresearch.com *.convertexperiments.com *.dwin1.com *.cookiebot.com *.curalate.com *.facebook.net *.facebook.com *.adscale.com *.qualaroo.com *.emarsys.net *.contentsquare.net *.mention-me.com *.mplxtms.com *.dotomi.com *.consensu.org *.wknd.ai *.bounceexchange.com *.greenstory.ca *.unpkg.com *.atdmt.com *.mplat-ppcprotect.com *.klaviyo.com data: wss: https: blob:;
strict-transport-security
max-age=31536000; includeSubDomains

Links to (6)

Linked from (1)