indexo.dev

bravologin.co.uk

.uk crawl

First seen 2026-04-22 · Last seen 2026-05-13 · ok HTTP/1.1 200 5234 ms crawled 2026-05-16

GB · 85.13.239.169 · AS31708 Coreix Ltd

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Sign in

Registration

Registrar
GoDaddy.com, LLC.
Created
2021-05-07
Expires
2027-05-07 351 days left
Updated
2026-04-09
Name servers
  • ns27.domaincontrol.com.
  • ns28.domaincontrol.com.

DNS records live

NS
  • ns27.domaincontrol.com
  • ns28.domaincontrol.com
MX
  • 10 mx.sendgrid.net

Email authentication weak

SPF
not published
DMARC
not published
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6Um1mAshcWLbXZ367e8DV4I2dMYqPjo22c2rUmn94TQR4X1YJyozMLYEW87lrONafzRPKAh6l6n4UnsV9…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC88fO/mTMQ/axNcbPGVSvFpuf8RQfUnVB6WV9igbivp3lmntv2GIkRAZP43l2tVBGddteBXKYbpxFcIDYm1vTjp0…
selectors probed

Certificate (current)

Go Daddy Secure Certificate Authority - G2
from 2025-05-27 to 2026-06-28
Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://home.bravologin.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, ALLOW-FROM http://www.youtube.com/
content-security-policy
default-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.typeform.com *.youtube.com; img-src * 'self' data: https:; media-src *; script-src *.bravologin.co.uk embed.typeform.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'
strict-transport-security
max-age=31536000

Linked from (1)