brighthorizons.com

HTML metadata

Title: Welcome to Bright Horizons | Bright Horizons®
Description: Look to us for innovative child care & early education for families, solutions for employers, benefits for employees…all trusted by families and employers for more than 30 years.
Language: en
Canonical: https://www.brighthorizons.com/

Open Graph

url: https://www.brighthorizons.com/
title: Bright Horizons Global Homepage
description: Look to us for innovative child care & early education for families, solutions for employers, benefits for employees…all trusted by families and employers for more than 30 years.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (7)

cdn-ukwest.onetrust.com×3
www.googletagmanager.com×3
cdn.jsdelivr.net×2
cdnjs.cloudflare.com×1
code.jquery.com×1
kit.fontawesome.com×1
maps.googleapis.com×1

Social

Registration

Registrar

CSC Corporate Domains, Inc.

Created

1996-02-14

Expires

2028-02-15 637 days left

Updated

2026-02-11

Name servers

anirban.ns.cloudflare.com
natasha.ns.cloudflare.com

DNS records live

NS

anirban.ns.cloudflare.com
natasha.ns.cloudflare.com

MX

10 us-smtp-inbound-1.mimecast.com
10 us-smtp-inbound-2.mimecast.com

TXT

Show 41 TXT records

onetrust-domain-verification=bc5b91f2584343beafd3b1742028b390
_960fldlw8eeirgesexdl2ac6msn1uop
_jey49pua8ee7viej76wk2d2ty3rl1zn
d365mktkey=kwt95kAWdjbotwvnKsA1BLaGxKsO6POPrUeSEny7CRsx
_wfwcv3b2uiqe2ay7ghw2efhxc8bfxby
pardot_77712_*=b2c52f482fdf12b45a4bc39df9d4fb0ad0e9d384667a5ba9f9781dab72afff15
_tkaf6ywrkl38t6e8b35mwd1jxu4kalm
apple-domain-verification=6pZtSbU3FVgaIRTn
_mmfqpuqng9g692491skdnpbfqmeljqs
intersight=72dd6f0653652795c6e5b323628899c23699477fd66ce6a27cba627d49f58107
h5zJu4Z5sgbsXR5njWiI4y6KQOcfEYM09Nejuf4wjIgvaVB4xO6ZPjjrHJS2S6WMVXyjtXDDZ4n3x8Y0yUQUzg==
d365mktkey=aLTxHh0wXgllY7VrSwo45PFv6uM3hevOdKixxdwRLiAx
google-site-verification=3lXw-4Mf1wz31AEWnSkQcLpzLOJbD-2Zs_Z_y8y0sQI
MS=ms65190423
asv=9c4b9e05d71f8bf0547e4e66fbb95c74
google-site-verification=P01e4dQ7evtYoSak-ri6ZX_Nw_AzVJ-PIWw9I0It1uQ
_95pzgq26z6l7l98jlxytvg1vyasziv1
amazonses:va2vjnSlLgNAB7xRB8PAWn3nwfKpvmq958gqi+W+yWQ=
quickbase-site-verification-8943b5f8f01546b4c8d383d56b84eeb88335c60c
onetrust-domain-verification=b145040500a44681a656d7e1c5fbf399
C7XQ3BJN3KCFIMPJWJBXVJW33YJPO8Q98EUQ8IFJ3
_r4glluj5nnz08wkkx449h6ggz681oa1
asv=3d38437ea0dd91dc6270229a41f30cf4
google-gws-recovery-domain-verification=51532768
google-gws-recovery-domain-verification=69227999
apple-domain-verification=Kra64Pwut-cbkIQf-F2wJPbGgYtCHKlYhWxThJSHOTI
teamviewer-sso-verification=bf38472827344260b603354dfa06534f
MtuvEECF09/r7JXa1GOGbs04ssaAkcCm5MkzvMzkxxj/ipuK+aJHu8qRs8MbS/WX3nhHhXPc1Tg/HjTTHSeWSw==
_1md453t8criirjd55iqyu0adbxnxb0u
5d1b5e9629e8c7da4d757aa4f5bea71321b3da0e8bbcc287fa67a7f2c6e4cb52
notion-domain-verification=JxLZgoSD8XsBGeVDfK8hqJ1BP4ewmOnY4ufuoTmVlsd
_7fonlw10z6eypmd2yluvk73stzn83cc
SFMC-7eLHgkIEIbdYRJKjhvtPmlhz-2cf2NumWXS0aBgJ
d365mktkey=DmkpAsMFV6K0agbdqx7ECarQU28ixxxYhGfmxkTJa8ox
Dynatrace-site-verification=39ed3063-bae4-45f2-b1e2-463f1329d1af__trh6qui4q1ha7ol73r39r6ipvo
MS=ms59843684
MS=ms54990741
sitecore-domain-verification=e845bda32a5e4ba994584d6240e25bd0
_1xgds5cmul79gi9ik3kyvfguv76wr57
google-site-verification=mbnDLTvYLyfb-cE7hXKmeC-8VwUNb5ohQePHT_OrT8w
MS=ms41822590

Email authentication strong

SPF

v=spf1 include:spf1.brighthorizons.com include:spf2.brighthorizons.com include:spf3.brighthorizons.com include:spf.clearslide.com include:nam.pb-dynmktg.com include:spf.smtp2go.com exists:%{i}._spf.salesforce.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:33ad925b7f2c862@rep.dmarcanalyzer.com; ruf=mailto:33ad925b7f2c862@for.dmarcanalyzer.com; fo=1;

policy: quarantine

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFmpDy0yH0lwVG5D/9xP7zs6wbnDMp3ZeqzGpkda4yd4QlnZA3GQcwUE81MqYMzF/g513OMS5dzKEFzAhA1V…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0CVZVAXDB0e2FnGw9Z8IcMRxGYj6l2n0IENcnNRgokAGA3Pt9z+up+D7x3iYN8veXeFlOP7LreooasiE8…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOXQJDWzXsjdPjrkznhgeqE7VMHn7+CGLvAG3MmAm3lTsmbT2p1s0u5f9F5qO7xpPJ+YmqiJtRsMUNq5JQR1HezV…

selectors probed

Certificate (current)

WE1

from 2026-04-13 to 2026-07-12

Expires in 55 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.brighthorizons.com/

present

strict-transport-security
content-security-policy
x-frame-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' https://enterprise.legion.work https://uat.enterprise.legion.work; object-src 'none'; script-src 'nonce-0QUpbRpvwKfDKr61vvhC/vXjx1iOpI5oF9t/vROovxoy9xyU9ybGL0ZuhSWxNqMh3SVOKa2P56YMdTH/jOaBBA==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' 'self' https://maps.googleapis.com https://code.jquery.com https://www.googleadservices.com https://js.hsforms.net https://www.google-analytics.com https://static.hotjar.com https://kit.fontawesome.com https://platform.linkedin.com https://apis.google.com https://connect.facebook.net https://maps.google.com https://ajax.googleapis.com https://platform.twitter.com https://*.onetrust.com https://cdnjs.cloudflare.com https://*.brighthorizons.com https://cm.perf.brighthorizons.com https://perf.brighthorizons.com https://snap.licdn.com https://api.bhdts.com https://perfcmsapi.brighthorizons.com https://cmsapi.brighthorizons.com https://az-perf-wus2-cd.azurewebsites.net https://www.googletagmanager.com https://api.ipify.org/ https:/
strict-transport-security: max-age=31536000; includeSubDomains