elior.co.uk

HTML metadata

Title: Elior UK - The UK's #1 Contract Catering Company
Description: We're dedicated to excellence in contract catering, from customer service, the whole customer experience; the food, the people who serve it, the resources behind the scenes that make us a trusted, innovative partner.
Language: en
Generator: Drupal 10 (https://www.drupal.org)
Canonical: https://www.elior.co.uk/node

Open Graph

image:url: https://www.elior.co.uk/files/styles/general_crop_style/public/2017-06/about_us_why_elior_548_2_0.jpg

Technology

Server: Apache
CMS: Drupal

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×3
fonts.gstatic.com×1
static.addtoany.com×1
www.googletagmanager.com×1
www.youtube.com×1

Social

Registration

Registrar

Nameshield SAS

Created

2000-04-12

Expires

2027-04-12 327 days left

Updated

2026-04-10

Name servers

nsa.perf1.fr.
nsb.perf1.com.
nsc.perf1.com.

DNS records live

NS

nsa.perf1.fr
nsb.perf1.com
nsc.perf1.com

MX

10 de-smtp-inbound-1.mimecast.com
10 de-smtp-inbound-2.mimecast.com

TXT

Show 10 TXT records

_globalsign-domain-verification=az-42JUdvl0lLn-8A_e_TRf7pK47JCJl7xN33THMwO
_globalsign-domain-verification=qaKcRhj3-gJDg4hb8LvNBa93QQWqqLVdChqk9y1dgG
google-site-verification=fGR5EZMFl0jH8sMA04lYAnaCRQ_VFKpTMrYHf5dnfTo
docusign=f3a743bd-bb0d-4288-8bbc-0f71134bb7c7
google-site-verification=Qv-HxQQHQz8_W6zDpNr0fcGMm43Hx_oD4DSdZgXHMOw
MS=ms94282455
_globalsign-domain-verification=yXV2xlYhC9eGp6hYd-yIMjMO-7i0IA8ZFCwNv1O7Z_
_globalsign-domain-verification=4qZNNYcDQOgqsQg2ovRv_IMf34le8mNgMvCW1ePsZE
_globalsign-domain-verification=sVcemy0FEKiCQXSbNGFnSJXI7V92dAauUKCnoPznIn
atlassian-domain-verification=jDHk1t/0WY7m74KTpbZJvBx/7O4SalyAwroi8Cg3TVwXSs4uhlCJz+LtRSW7saXL

Email authentication partial

SPF: v=spf1 ip4:195.25.81.52 ip4:185.189.236.99 include:de._netblocks.mimecast.com -all
strict (-all)
DMARC: v=DMARC1; p=none; rua=mailto:72cc5883011b446@rep.dmarcanalyzer.com; ruf=mailto:72cc5883011b446@for.dmarcanalyzer.com; fo=1;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-04-04 to 2026-07-03

Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.elior.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
weak content type protection

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), camera=(), payment=()
x-content-type-options: nosniff, nosniff
content-security-policy: object-src 'none'; script-src 'self' 'report-sample' 'unsafe-eval' https://www.googletagmanager.com cdnjs.cloudflare.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://maps.googleapis.com https://static.addtoany.com https://unpkg.com https://www.google.com https://www.youtube.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://www.gstatic.com https://connect.facebook.net https://secure.quantserve.com https://snap.licdn.com https://bat.bing.com https://rules.quantcount.com https://www.clarity.ms https://scripts.clarity.ms https://sc-static.net cdnjs.cloudflare.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://maps.googleapis.com https://static.addtoany.com https://unpkg.com https://www.google.com https://www.youtube.com; style-src 'self' 'report-sample' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com h
strict-transport-security: max-age=63072000; preload;

Links to (4)

Linked from (1)

scottishrugby.org×1