hovertravel.co.uk

.uk crawl

First seen 2026-04-16 · Last seen 2026-05-11 · ok HTTP/1.1 200 3876 ms crawled 2026-05-11

GB · 51.104.28.82 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Fastest Isle of Wight Ferry | Portsmouth to Isle of Wight
Description: Hovertravel offers the fastest Isle of Wight ferry crossing from Portsmouth to the Isle of Wight. Travel to the Isle of Wight in 10 minutes with Hovertravel.
Language: en
Canonical: https://www.hovertravel.co.uk

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (4)

cdn.jsdelivr.net×6
ajax.aspnetcdn.com×4
cdnjs.cloudflare.com×2
www.googletagmanager.com×1

Social

Contact

Phone

107-3428-91

Address

Clarence Esplanade, Southsea, PO5 3AD, Portsmouth, GB

Registration

Registrar

123-Reg Limited t/a 123-reg

Created

1998-03-06

Expires

2027-03-06 289 days left

Updated

2025-03-07

Name servers

ns20.digicertdns.com.
ns21.digicertdns.com.
ns23.digicertdns.net.
ns24.digicertdns.net.

DNS records live

NS

ns20.digicertdns.com
ns21.digicertdns.com
ns22.digicertdns.com
ns23.digicertdns.net
ns24.digicertdns.net
ns25.digicertdns.net

MX

10 eu-smtp-inbound-1.mimecast.com
20 eu-smtp-inbound-2.mimecast.com

TXT

Show 4 TXT records

s6g4oa2migiqifpgq7k3k152q3
mzg3swgsfm369vj1bklmyf3pkpv24hl0
fbrsoae22j1k2rbn423lkgptck
0ed1fe018a6607503fc4954f13bf0312fbfbb99c88

Verified for

Apple
Google
Microsoft 365

Email authentication weak

SPF: v=spf1 ip4:89.151.105.43 ip4:109.108.148.139 include:_netblocks.mimecast.com include:hostingspf.carus.com -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2025-07-21 to 2026-08-18

Expires in 90 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.hovertravel.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), camera=(), microphone=(), fullscreen=(self), payment=(self "https://secure.pay360.com/" "https://api.pay360.com/"), autoplay=(self), gyroscope=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' our.umbraco.com marketplace.umbraco.com dashboard.umbraco.com; script-src 'self' https://ajax.aspnetcdn.com/ https://api.livechatinc.com/ https://api.pay360.com/ https://secure.pay360.com/ https://api.reciteme.com/ https://cdn.jsdelivr.net/ https://cdn.livechatinc.com/ https://cdnjs.cloudflare.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://www.google-analytics.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.gstatic.com/ 'unsafe-inline' 'unsafe-eval' https://cdn.worldpay.com/ https://c5.adalyser.com https://www.instagram.com/; style-src 'self' https://api.reciteme.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline'; base-uri 'self'; connect-src 'self' https://stats.g.doubleclick.net/ https://api.reciteme.com https://content.hotjar.io https://vc.hotjar.io https://events.reciteme.com https://metrics.hotjar.io *.google-analytics.com/
strict-transport-security: max-age=2592000

Links to (6)

Linked from (1)

dancelive.co.uk×2