indexo.dev

gbbank.co.uk

.uk crawl

First seen 2026-05-28 · Last seen 2026-05-31 · ok HTTP/1.1 200 577 ms crawled 2026-05-31

US · 172.67.72.58 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Property Finance & Online Savings Accounts | GB Bank
Description
Secure your property investment goals with GB Bank's flexible funding solutions and competitive online savings accounts. FCA regulated with FSCS protection.
Language
en-GB
Canonical
https://www.gbbank.co.uk/

Open Graph

url
https://www.gbbank.co.uk/
title
Property Finance & Online Savings Accounts | GB Bank
locale
en_GB
site name
GB Bank
description
Secure your property investment goals with GB Bank's flexible funding solutions and competitive online savings accounts. FCA regulated with FSCS protection.

Technology

CDN
Cloudflare
CMS
WordPress
jQuery
3.7.1
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • fonts.googleapis.com×3
  • cc.cdn.civiccomputing.com×2
  • js-eu1.hs-scripts.com×2
  • www.google.com×2
  • fonts.gstatic.com×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • heidi.ns.cloudflare.com
  • titan.ns.cloudflare.com
MX
  • 10 eu-smtp-inbound-1.mimecast.com
  • 10 eu-smtp-inbound-2.mimecast.com
TXT
  • 0ed1fe018aa4a52abd3d4b455badfc1b884a4104c8
  • 425eb19905b5122c23e54679a766097b
  • _l2ihkb790s6qb7vaeoloeu6lr90rmqn
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1;p=none;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS+q1uymGA3sbxP7am7WpdXjJVGB7ZXb8nbCr0kLN7VWUh5LhTTJ47PWx4h6Zg681nKfm/OxPLQZyy…
selectors probed

Certificate (current)

WE1
from 2026-04-21 to 2026-07-20
Expires in 47 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.gbbank.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' https://px.ads.linkedin.com https://*.doubleclick.net https://thefontzone.com https://*.clarity.ms https://c.bing.com https://www.chatbase.co https://noembed.com https://cdn.plyr.io https://player.vimeo.com https://*.vimeo.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.googleapis.com https://apikeys.civiccomputing.com https://yoast.com https://www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://pagead2.googlesyndication.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://google.com https://google.co.uk *.hubapi.com js.hscta.net js-eu1.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com static.hsappstatic.net; font-src 'self' data: https://f.vimeocdn.com https://fonts.gstatic.com https://fonts.googleapis.com; frame-ancestors 'self' https://www.google.com; frame-sr
strict-transport-security
max-age=31536000; ;

Links to (4)

Linked from (1)