cordalehousing.org.uk
cordalehousing.org.uk
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Social widgets
-
- YouTube Embed
Third-party hosts loaded (4)
- d1ssu070pg2v9i.cloudfront.net×27
- www.browsealoud.com×2
- www.googletagmanager.com×1
- www.youtube-nocookie.com×1
Social
Contact
- Phone
- Address
- Cordale Housing Association, Main Street, Renton, Dumbarton, UK
Registration
- Registrar
- GoDaddy.com, LLC.
- Created
- 2001-10-13
- Expires
- 2026-10-13 145 days left
- Updated
- 2025-10-14
- Name servers
-
- cruz.ns.cloudflare.com.
- luke.ns.cloudflare.com.
DNS records live
- NS
-
- cruz.ns.cloudflare.com
- luke.ns.cloudflare.com
- MX
-
- 10 d228375.b.ess.uk.barracudanetworks.com
- 5 d228375.a.ess.uk.barracudanetworks.com
- TXT
-
KLLj9voNVK8nOq0FIfgQVXm1n9CWo7sDnsnTvcdPmCsIqkIs5YNnIOOHO/CsuXi6F0SwcFlgH2TuTPPVT83J6w==C0A2L29640
- Verified for
-
- Microsoft 365
- Workplace
Email authentication strong
- SPF
-
v=spf1 include:spf.ess.uk.barracudanetworks.com include:spf.protection.outlook.com mx a ip4:193.109.254.0/24 ip4:195.245.230.0/23 ip4:213.128.253.55/32 include:spf.mtcserver.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=quarantine; fo=1; rua=mailto:rua+cordalehousing.org.uk@dmarc.barracudanetworks.com; ruf=mailto:ruf+cordalehousing.org.uk@dmarc.barracudanetworks.compolicy: quarantine - DKIM
-
Show 4 DKIM selectors
- default:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUcp9oakDaY9Nu2KYCfyJGc6CZnEF31O2Vz3LfY/0ObTiYEWHscf2vflavv0ZDDdpkZAhFld5nS81DrFHTxr… - selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNWSRTiq/CxfqDc3ASv3xF4/jbjpRApqhQDZF0Ut8as9xKHrflU+BZk8FT5M/1rELp4icgHrXFIFZ1… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tZsRv4potN8Pi/JDAHcmAoQQBNiR0jQ1gvIYiXLdUIBYd2T5TR29ah6tckhkkzKtE87PJqGPdsCFXhyGL… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaMK9sT/IvBhYgzO7eubOAntNV1FXpv+TJ07Ru4hwqxNq3+choCEQS7c5Qofso84d8lljxq0k/iiDW9V6A…
selectors probed - default:
Certificate (current)
WE1
Expires in 37 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(), microphone=(), camera=(), fullscreen=(self), payment=()- x-content-type-options
nosniff- content-security-policy
default-src blob: https://*.googletagmanager.com https://www.youtube.com/ https://www.youtube-nocookie.com/ https://www.google.com/ 'self'; script-src-elem https://s7.addthis.com/js/300/addthis_widget.js 'self' https://www.gstatic.com https://s3.eu-west-1.amazonaws.com https://smartfeed2-config.vacancy-filler.co.uk https://www.browsealoud.com https://www.google.com https://sf.vacancy-filler.co.uk https://www.googletagmanager.com https://apis.google.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.google.com https://www.browsealoud.com; connect-src 'self' https://*.imunify360.com https://yoast.com https://*.speechstream.net https://region1.google-analytics.com https://www.browsealoud.com https://plus.browsealoud.com https://smartfeed2-config.vacancy-filler.co.uk https://www.google.com https://new-smart-feed.vacancy-filler.co.uk; style-src 'self' 'unsafe-inline' https://p.typekit.net https://code.jquery.com https://use.typekit.net/sli1eci.css https://w- strict-transport-security
max-age=10886400; includeSubDomains; preload