edfman.com

HTML metadata

Title

ED&F Man Commodities / The global experts in coffee, molasses, and sugar

Description

A vital part of the global food supply chain

Language

en-GB

Generator

All in One SEO Pro (AIOSEO) 4.9.6.2

Canonical

https://www.edfman.com/

Feeds

Open Graph

url: https://www.edfman.com/
title: ED&F Man Commodities / The global experts in coffee, molasses, and sugar
locale: en_GB
site name: ED&F Man Commodities / A vital link in the global food supply chain
description: A vital part of the global food supply chain

Technology

Server: nginx
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Font Awesome
Google Fonts

Third-party hosts loaded (3)

use.fontawesome.com×3
fonts.googleapis.com×2
www.googletagmanager.com×1

Social

Contact

Email

web.enquiries@edfman.com

Address

st NewsGuadalajara team lends a hand to support local kidsLatest NewsApril 29, 2026

Registration

Registrar

GoDaddy Corporate Domains, LLC

Created

1995-12-03

Expires

2026-12-02 196 days left

Updated

2025-11-01

Name servers

ns05.gcd-dns.com
ns06.gcd-dns.com

DNS records live

NS

ns05.gcd-dns.com
ns06.gcd-dns.com

MX

0 edfman-com.mail.protection.outlook.com

TXT

Show 4 TXT records

smartsheet-site-validation=GDCTwZg0taVbP0UCtP_3IkRictLC2F9X
85adi5agaqeq6ggrst6bv7il8o
KrSh+FXwqW85ky0E0WhVloZGM5fNFI9YAMc6aJgP42TOABixYrsIyW1XEEsTn/dxlqUvkHWQ82Tc0c0OVA15fQ==
google-site-verification=GsR1vSD8isRvS4oCRUkwNhgNzrF54AsL72RQ6FbPcAU

Email authentication strong

SPF

v=spf1 ip4:51.104.28.70/32 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=reject;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAD8VBB8jmT62SDApXadcy4VsFEaZzgYwqijMPnW4q3/MFlBavzf5O5lP1jSFDOz9FZ44+SFrWyMLXJJer3J…

selectors probed

Certificate (current)

Starfield Secure Certificate Authority - G2

from 2026-01-20 to 2027-01-20

Expires in 246 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.edfman.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.azureedge.net *.google.com *.google-analytics.com *.fontawesome.com; script-src 'self' 'nonce-UlVFI+NdY2nOZUdy2O1JDA==' *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.azureedge.net *.fontawesome.com *.youtube.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.azureedge.net *.fontawesome.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google.com *.googleusercontent.com *.azureedge.net *.gravatar.com *.ytimg.com; font-src 'self' data: *.gstatic.com *.azureedge.net *.fontawesome.com; frame-src 'self' *.google.com *.youtube-nocookie.com *.youtube.com; connect-src 'self' *.google-analytics.com *.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.azureedge.net *.fontawesome.com; worker-src 'self' blob: *.google.com; frame-ancestors 'self' *.google.com
strict-transport-security: max-age=31536000; includeSubDomains; preload