indexo.dev

boxt.co.uk

.uk crawl

First seen 2026-04-13 · Last seen 2026-05-16 · ok HTTP/1.1 200 944 ms crawled 2026-05-06

US · 104.18.12.20 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
BOXT: Boilers, air conditioning, solar panels & battery storage
Description
At BOXT, find a fixed price A-rated boiler, source solar panels for your home, keep cool with air conditioning, discover heat pumps, and explore EV chargers.
Language
en
Canonical
https://www.boxt.co.uk

Technology

CDN
Cloudflare
CMS
Next.js
Cookie consent
  • OneTrust

Third-party hosts loaded (2)

  • boxt-bcms.imgix.net×38
  • cdn-ukwest.onetrust.com×1

Social

Contact

Phone
Address
st Yorkshire, LS15 8ZB.©2026

Registration

Registrar
Easyspace Ltd
Created
2005-03-04
Expires
2027-03-04 289 days left
Updated
2025-02-05
Name servers
  • everton.ns.cloudflare.com.
  • serena.ns.cloudflare.com.

DNS records live

NS
  • everton.ns.cloudflare.com
  • serena.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 12 TXT records
  • google-site-verification=k1AigpBJJdaL73VINIIYbxUOeYVc_Miz7PgGz7_IOTw
  • loaderio=0a023fe211a8eb02c9e696725c79be73
  • miro-verification=4b63d3360f1cfe4ea3f8a2aea78db1214baf5e43
  • slack-domain-verification=cdesMNXGCUxWzYFFDOIxoOwCJbZQVKTTEQDkyeQf
  • stripe-verification=9551726d576424e111ba3afa650590389704f927f3ede36a7d62a1cc7ba4e54b
  • stripe-verification=d0a58e74c436117c367dd3e30519ad545e8c70ea72ae7ee654bd2e5c58a55363
  • MS=ms65433713
  • atlassian-domain-verification=ImAeF4wUmha9kdtxoCafErDpN1ucuc128I/u2pZR5b3dgxTws1WKzz2aGCuk7zSj
  • facebook-domain-verification=cj79pfe8ro6sz3qfk0txvy9oxi1wva
  • google-site-verification=FJcEzP5OUiGM88b_noawJ6wpt3Dd7qNpSFOjr7XVeyA
  • google-site-verification=c4hGZbLYj2RAceagy5XQRGx41og950AAWpoW9xWMTP0
  • google-site-verification=gxBLYM6bkfl435ITEXhRKd5aeCCWLUwvkH2bNnr9yMw

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:servers.mcsv.net include:sendgrid.net ip4:149.72.212.23 ip4:149.72.204.26 ip4:85.90.33.172 ip4:85.90.33.170 ip4:159.183.232.23 -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100; rua=mailto:9681050195944f908c1ee3bb9d63b2aa@dmarc-reports.cloudflare.net,mailto:dmarc@boxt.co.uk
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCEzV5aeqQFRLsaVVWgxr4/mL2vR83bTIyjS1qPraBxnKmq0HuCmDaZbDKsEnqCxvrR4X75Ob/EyPjonNcRdt…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsDm/l5emQDwpV5CxTGWiMjNo+4ztk2FTIuOlXY4vJJAqvPq8df7eqGOqxC0a0lf+gMruJtI91oCQsDBqB…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJws2JGN/bpSeiYvGfgRr6VRkaL1MupvBeKpEC7Nusv8YQNvo6cMNaIbw2w1I5PIVvIK8O3qYyCHjLWxNDpb7OO1…
selectors probed

Certificate (current)

WE1
from 2026-05-02 to 2026-07-31
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.boxt.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.boxt.co.uk; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tracker.marinsm.com https://*.google.com https://*.googletagmanager.com https://connect.facebook.net https://www.facebook.com/signals/ https://*.doubleclick.net https://boxt-bcms.imgix.net https://boxt-fe.imgix.net https://boxt.imgix.net https://www.boxt.co.uk https://bat.bing.com https://rules.quantcount.com https://secure.quantserve.com https://cdn.segment.com https://*.contentsquare.net https://try.abtasty.com https://*.gocardless.com https://decision.flagship.io https://plausible.io https://app.secureprivacy.ai https://www.google-analytics.com https://ajax.cloudflare.com https://*.abtasty.com https://widget.trustpilot.com https://*.cardinalcommerce.com https://www.zenaps.com https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://js.braintreegateway.com https://lantern.roeyecdn.com https://assets.braintreegateway.com https://www.paypalobjects.com https:
strict-transport-security
max-age=15552000; includeSubDomains

Links to (5)

Linked from (3)