hobgoblin.com

HTML metadata

Title: Hobgoblin Music | Folk & Acoustic Musical Instrument Specialists | Hobgoblin Music Shop
Description: Hobgoblin Music has provided musicians with otherwise hard to find folk instruments, celtic instruments and acoustic instruments for almost 50 years, and has grown to be the largest source in Europe, and probably the world. We have music shops across the UK as well as an online shop and worldwide mail order service, supplying the world with ukuleles, guitars, banjos, mandolins, accordions, melodeons, concertinas and much, much more. Most of our staff are gigging musicians, and our specialist musical advice is free.
Language: en
Canonical: https://hobgoblin.com/

Technology

Server: Sucuri
CMS: Gatsby

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×2
chimpstatic.com×1
fonts.gstatic.com×1
www.facebook.com×1
www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar

Network Solutions, LLC

Created

1996-03-14

Expires

2030-03-15 1395 days left

Updated

2025-10-20

Name servers

ns21.worldnic.com
ns22.worldnic.com

DNS records live

NS

ns21.worldnic.com
ns22.worldnic.com

MX

10 d206373.a.ess.uk.barracudanetworks.com
20 d206373.b.ess.uk.barracudanetworks.com

TXT

Show 7 TXT records

MS=ms33990277
cs6luuii07q2ppr7l5u4je2vi
gcaseanc46l0ibnfn4clppcrii
9pi7rbl6lb19t49v67gp5b9fl9
v=DKIM1; k=rsa; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEfUrYMWOun4mrFNvRlDhZ3iU8hjTmCTdGs5Uk5N109b/VBt81Rj8LQrqFGV0DFG+jQxHgRaX6+olIBdsQzBRvMdgp7TFdoykC0SSsDxnL+a2mCWN7bS6wch4AOh1bZ3czElQmPaPpDud+cSeAPJWEFWsU/Tyf20sxIA6Lfxiz4QIDAQAB
google-site-verification=KgEoh---txvYcGQ_RiT6hVabpKViElpdLuyDRLbgeiE
5apqpq3t0uv8pmiul8q0dsc9o0

Email authentication weak

SPF

v=spf1 include:mailgun.org -all

strict (-all)

DMARC

not published

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lohndeIA/c6dcujocTdKHiB/mixH5cLhTjzj7srGYec8yuegWrita6FIPfTCjYRDyJk4MGltsRaJB…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…

selectors probed

Certificate (current)

Starfield Secure Certificate Authority - G2

from 2026-04-01 to 2026-06-30

Expires in 42 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://hobgoblin.com/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options

findings

weak frame protection
weak content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy-report-only: font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.sagepay.com *.opayo.eu.elavon.com *.fontawesome.com https://fonts.bunny.net maxcdn.bootstrapcdn.com *.sirv.com fonts.gstatic.com *.typekit.net hobgoblin.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.facebook.com/tr/ *.googlesyndication.com *.tiktok.com *.stripe.com *.stripe.network *.google.com *.sagepay.com *.opayo.eu.elavon.com hobgoblin.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.stripe.network *.link.com *.amazon.com *.google.com pay.google.com hobgoblin.com 'self'; frame-src secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:/