guycarp.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-20 · ok HTTP/1.1 200 1606 ms crawled 2026-05-19

US · 99.83.175.37 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: Guy Carpenter Homepage
Description: We deliver unmatched insight into the global (re)insurance market to create bespoke solutions that help you achieve your capital, growth and volatility objectives.
Language: en
Canonical: https://www.guycarp.com/

Technology

CDN: Amazon CloudFront
Server: Apache

Analytics

Google Tag Manager

Cookie consent

Osano

Third-party hosts loaded (4)

cdnjs.cloudflare.com×2
cmp.osano.com×1
rum.hlx.page×1
www.googletagmanager.com×1

Social

Registration

Registrar

MarkMonitor Inc.

Created

1995-08-01

Expires

2026-07-31 71 days left

Updated

2026-05-16

Name servers

ns01.mmc.com
ns03.mmc.com
ns04.mmc.com
ns05.mmc.com

DNS records live

NS

ns01.mmc.com
ns03.mmc.com
ns04.mmc.com
ns05.mmc.com

MX

5 mxa-001b7601.gslb.pphosted.com
5 mxb-001b7601.gslb.pphosted.com

Email authentication strong

SPF

not published

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email

policy: reject (enforced)

DKIM

Show 4 DKIM selectors

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV2EWSL6JVUaxfbNg2i3OLC/OupqCffL17XspVcgTeR4j5A0a1wuQN444WGereLP0hnA1AxvQnFhfq…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5M5vf8S6kfU0xoXAW8EWge1KPW+SRd4bxehiEI1Hrq4n+9si+OA1s1IYUV9enc0QNHFPZiKIe8C5wy26W…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR2t8BH/v9xdCjeF7k4sJraw95Cb2Z3MIbkk+j1LMOq+SMHyRUir2WGwqIBgmEkLkCUopUCNvjmY/O3FC3…
smtpapi: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwf…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2026-01-02 to 2027-01-03

Expires in 227 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.guycarp.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
x-content-type-options: nosniff
content-security-policy: font-src 'self' data: *; default-src 'self' 'unsafe-inline' *; img-src * 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; worker-src 'self' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload