building.co.uk
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Ads
-
- Google AdSense
- Fonts
-
- Google Fonts
Third-party hosts loaded (8)
- d3sux4fmh2nu8u.cloudfront.net×134
- d3rcx32iafnn0o.cloudfront.net×2
- www.googletagmanager.com×2
- cdnjs.cloudflare.com×1
- d224eigjcmsomk.cloudfront.net×1
- fonts.googleapis.com×1
- l.getsitecontrol.com×1
- pagead2.googlesyndication.com×1
Social
Registration
- Registrar
- 123-Reg Limited t/a 123-reg
- Created
- 1996-08-22
- Expires
- 2026-08-22 94 days left
- Updated
- 2025-08-23
- Name servers
-
- mns01.domaincontrol.com.
- mns02.domaincontrol.com.
DNS records live
- NS
-
- mns01.domaincontrol.com
- mns02.domaincontrol.com
- MX
-
- 5 building-co-uk.mail.protection.outlook.com
Email authentication strong
- SPF
-
v=spf1 include:mail.zendesk.com include:spf-mcst.ubm.com ip4:168.245.29.129/32 ip4:52.210.120.91/32 include:sendgrid.net include:_spf.createsend.com include:spf.protection.outlook.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M04
Expires in 267 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- missing Permissions Policy
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss:; child-src https: blob:; object-src 'none'; frame-ancestors 'self' https://subs.building.co.uk;- strict-transport-security
max-age=31536000; includeSubDomains; preload;