indexo.dev

heritable.com

.com crawl

First seen 2026-05-04 · Last seen 2026-05-17 · ok HTTP/1.1 200 2000 ms crawled 2026-05-11

US · 104.19.191.28 · AS13335 Cloudflare, Inc.

Reputation 100/100

sector finance type homepage

HTML metadata

Title
Heritable Development Finance
Description
At Heritable Development Finance, we do things differently. Our management commit significant capital alongside the bank, giving our team personal interest in the success of your development project.
Language
en

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager
Cookie consent
  • OneTrust
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • cdn-ukwest.onetrust.com×2
  • fonts.googleapis.com×2
  • unpkg.com×2
  • www.googletagmanager.com×1

Contact

Email
Phone

Registration

Registrar
CSC Corporate Domains, Inc.
Created
1999-12-09
Expires
2026-12-09 202 days left
Updated
2025-12-05
Name servers
  • dns1.cscdns.net
  • dns2.cscdns.net

DNS records live

NS
  • dns1.cscdns.net
  • dns2.cscdns.net
MX
  • 20 eu-smtp-inbound-1.mimecast.com
  • 20 eu-smtp-inbound-2.mimecast.com
TXT
  • Tsr1vCqtCnip1frBwJ8P1Bwa3YUGQ/Ay3Ex8gCvr+BHgwBpqZ+F+WWPkBQ9D6tNFDwWG/EGNjh6YqyeYzeOk6g==
  • 0ed1fe018ad2daa3ace6854c70af72d6b269a7cbde
  • knowbe4-site-verification=6ff646d3f514c3094bc15f4ca45eef1c
Verified for
  • Cisco
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:_netblocks.icims.com include:_spf.psm.knowbe4.com include:eu._netblocks.mimecast.com include:_spf.salesforce.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:641e5610cf84127@rep.dmarcanalyzer.com; ruf=mailto:641e5610cf84127@for.dmarcanalyzer.com; fo=1;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-04-27 to 2026-07-26
Expires in 67 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.heritable.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), display-capture=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' packages.umbraco.org our.umbraco.org cdn-ukwest.onetrust.com googletagmanager.com privacyportal-uk.onetrust.com cookiepedia.co.uk geolocation.onetrust.com *.googletagmanager.com tagmanager.google.com google-analytics.com *.google-analytics.com cdn.cookielaw.org cookie-cdn.cookiepro.com *.clarity.ms c.bing.com *.googleapis.com unpkg.com *.tile.openstreetmap.org *.openstreetmap.org;script-src 'self' ajax.googleapis.com maps.googleapis.com unpkg.com ajax.aspnetcdn.com cdnjs.cloudflare.com cdn.jsdelivr.net cookiepedia.co.uk geolocation.onetrust.com *.onetrust.com cdn.cookielaw.org cookie-cdn.cookiepro.com tagmanager.google.com *.google.com google-analytics.com *.google-analytics.com ssl.google-analytics.com cdn.cookielaw.org cookie-cdn.cookiepro.com *.clarity.ms c.bing.com geolocation.onetrust.com privacyportal-uk.onetrust.com cdn-ukwest.onetrust.com googletagmanager.com *.googletagmanager.com www.googletagmanager.com *.googleapis.com unpkg.com 'unsafe-eval' '
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (1)