createacademy.com — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Online Creative Courses - Learn Interior Design, Floristry, Cooking & More | Create Academy
Description: Learn interior design, floristry, cooking and crafts from world-renowned experts like Rita Konig and Dan Pearson. 50+ beautifully produced video courses, 1,500+ lessons. Rated 4.7/5 on Trustpilot.
Language: en
Canonical: https://www.createacademy.com/

Open Graph

url: https://www.createacademy.com
title: Online Creative Courses | Create Academy
site name: Create Academy
description: Learn interior design, floristry, cooking and crafts from world-renowned experts like Rita Konig and Dan Pearson. 50+ beautifully produced video courses, 1,500+ lessons. Rated 4.7/5 on Trustpilot.

Technology

CDN: Amazon CloudFront
CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (6)

cdn.sanity.io×12
image.mux.com×3
s.skimresources.com×1
stream.mux.com×1
www.dwin1.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2011-09-02

Expires

2026-09-02 91 days left

Updated

2025-09-03

Name servers

mack.ns.cloudflare.com
zelda.ns.cloudflare.com

DNS records live

NS

mack.ns.cloudflare.com
zelda.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt4.aspmx.l.google.com
15 h6rhju7atilzw6beox347rq3ddngrdsm7cgovunrkbc7vm47uuoq.mx-verification.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Verified for

Atlassian
Google
Meta

Email authentication partial

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1;p=none;

policy: none (monitoring only)

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd61xrSrSSj5fF469qw+nah2NnuKIidRODekdFM67Smlee/AGr2L3HtYVqGZySegAcbT5veoVCxVec…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVjJZ2a0HmBwcK/PPvEs4DtxjBG8m4f1LIw5dXtuqjQOZTadLxQ7rTcy15WYbOq6azVyrcR/rIWaFpWW8I…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QdPPIt8oz4J/cFBmWawcE1fVp2gQG1Wtoya/prGZF656qAOElbvXwZ2b0sr6wTA1sWRPpzZ46HAvxbEg+…

selectors probed

Certificate (current)

WE1

from 2026-04-12 to 2026-07-11

Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.createacademy.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; font-src 'self' https: data:; object-src 'self' https://*.s3.amazonaws.com https://*.s3.eu-west-2.amazonaws.com; worker-src 'self' blob: https://unpkg.com; media-src 'self' https: blob: data: https://*.mux.com; img-src 'self' https: data: blob: https://image.mux.com https://*.litix.io; frame-src 'self' https://accounts.google.com https://js.stripe.com https://widget.trustpilot.com https://www.trustpilot.com https://player.mux.com https://www.youtube.com https://www.youtube-nocookie.com https://*.s3.amazonaws.com https://*.s3.eu-west-2.amazonaws.com https://ct.pinterest.com https://my.matterport.com; connect-src 'self' https: https://*.ingest.sentry.io https://*.sentry.io https://*.s3.amazonaws.com https://*.s3.eu-west-2.amazonaws.com https://*.cloudfront.net https://*.mux.com https://*.litix.io https://storage.googleapis.com; script-src 'self' https: blob: 'unsafe-eval' https://src.litix.io https://accounts.google.com https://www.googletagmanager.com https://
strict-transport-security: max-age=63072000; includeSubDomains

Links to (10)

Linked from (1)

ninacampbell.com×1