howdencma.com

HTML metadata

Technology

CDN

Cloudflare

CMS

Drupal

Analytics

• Google Analytics
• Google Tag Manager

Cookie consent

• Iubenda

Social

• linkedin
• instagram

Registration

Registrar

CSC Corporate Domains, Inc.

Created

2024-02-20

Expires

2027-02-20 276 days left

Updated

2026-02-16

Name servers

• lia.ns.cloudflare.com
• pablo.ns.cloudflare.com

DNS records live

NS

• lia.ns.cloudflare.com
• pablo.ns.cloudflare.com

MX

• 10 eu-smtp-inbound-1.mimecast.com
• 10 eu-smtp-inbound-2.mimecast.com

TXT

Show 9 TXT records

• anthropic-domain-verification-ykjx7c=tvz18xaibf0DKup0Y6D9TpGfh
• apple-domain-verification=A2oW3PpzuwFVhpAe
• google-site-verification=YjeYM7GgQHAx3GWA5l-PT4kveAko0GoA32o7GJsytQg
• knowbe4-site-verification=0e436cd8af4a708b00f0cd56dc13f527
• openai-domain-verification=dv-hvAEeuaPRc6XvY656t3JUNFu
• workplace-domain-verification=itIK1hIuThgRyt2Bd6HZ5J1cvMjmXl
• 0ed1fe018a21f6251915ad4622979392ac132e0b6c
• MS=ms55308861
• ZOOM_verify_VVffuAhDd7kUubm6UhQokV

Email authentication strong

SPF

v=spf1 include:_netblocks.mimecast.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; adkim=s; aspf=s

policy: reject (enforced)

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.howdencma.com/

present

• content-security-policy
• x-frame-options
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing Referrer Policy
• missing Permissions Policy

Links to (10)

• finra.org×2
• howden-nova.com×2
• howdengroup.com×2
• howdengroupholdings.com×2
• howdenre.com×2
• instagram.com×2
• linkedin.com×2
• myworkdayjobs.com×2
• sipc.org×2
• tigerrisk.com×2

Linked from (2)

• howdenre.com×2
• howdentiger.com×1