icas.com

HTML metadata

Title: Homepage - ICAS
Description: ICAS is the oldest global professional membership organisation and business network for Chartered Accountants. We are an educator, regulator, examiner and a professional awarding body.
Language: en

Technology

CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (2)

scripts.simpleanalyticscdn.com×2
www.googletagmanager.com×1

Social

Registration

Registrar

Tucows Domains Inc.

Created

1996-06-26

Expires

2026-06-25 37 days left

Updated

2026-01-19

Name servers

ns0.ifb.net
ns1.ifb.net

DNS records live

NS

ns0.ifb.net
ns1.ifb.net

MX

10 icas-com.mail.protection.outlook.com

TXT

Show 10 TXT records

atlassian-domain-verification=waNUJyDPaHGCqs7y9dfplYQqk1ye0csQ47YPCN7vyaoxeGGj5Y4WxOf6x409Fa-G
google-site-verification=j2z8Iyh1QNBaxIU0ji76I8bedxZRqNWvYtofYyuau6E
apple-domain-verification=6b7uLIBChrB5IHfB
webexdomainverification.EQXH=14c25217-b674-47be-be15-3adabac7e3dc
google-site-verification=wmGV6HFpFY1KPzHjkDJMWkh6HYCokcY-Xv7M06tbAdo
MS=ms64015467
06md00597x6p2dn19dwvk6qdc96l6spy
CJqHGvEMFPYsnnuPdyBs9VwDwzoWX8TbTUyA2j8hoGfpIMB7CRxrZWgayp7YVZ3iPcxpsgEGgI0HnHgJlRW4SQ==
zy3z968bzsgrhs8vp1jdvk63m7p239xt
facebook-domain-verification=pyd41z68s3dwrr0izmd2y5jjo54dgd

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:spf.emailsignatures365.com include:servers.mcsv.net include:_spf.atlassian.net include:eventsairmail.com include:icloud.com ip4:185.240.202.77 ip4:164.177.189.81 ip4:109.108.128.59 ip4:52.31.29.196 ip4:46.226.2.235 ip4:185.73.152.18 ip4:167.89.43.190 ip4:159.183.181.113 ip4:149.72.116.19 ip4:149.72.117.225 ip4:149.72.119.192 ip4:149.72.119.197 ip4:149.72.119.199 ip4:149.72.119.210 ip4:149.72.147.106 ip4:149.72.148.50 ip4:149.72.155.21 ip4:149.72.160.121 ip4:149.72.166.148 include:sendgrid.net include:eu.sparkpostmail.com include:mail.zendesk.com -all

strict (-all)

DMARC

v=DMARC1; p=none

policy: none (monitoring only)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1gU64wM331J2x42nJ5l0VWV9mz2yyXOQwlgqvQ5eOkANWTV43m7GSCUU9MBBKHDpm6+8o9nY+5vm506tZ…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8tvSmzHnj/KkHIVAuonmai05ZFiat3Js8GETYTxg0Pfb3773i53A56TIx89vrodwSgVPFTQFqQ1Tg/KOpQM6YlC…

selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-02-22 to 2026-08-23

Expires in 96 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://icas.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://static.zdassets.com https://*.onetrust.com https://ekr.zdassets.com https://ekr.zendesk.com https://queue.simpleanalyticscdn.com https://dev-ep2r2vpftciiiswf.uk.auth0.com/oauth/token https://icas.uk.auth0.com/oauth/token https://login-uat-icas.uk.auth0.com/oauth/token https://dev-ep2r2vpftciiiswf.uk.auth0.com/ https://icas.uk.auth0.com/ https://login-uat-icas.uk.auth0.com/ https://icas2210.zendesk.com https://www.icas.com https://*.zopim.com https://zendesk-eu.my.sentry.io wss://icas2210.zendesk.com wss://*.zopim.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://scripts.simpleanalyticscdn.com/latest.js https://static.zdassets.com https://cdn-ukwest.onetrust.com https://static.hotjar.com https://script.hotjar.com https://www.googletagmanager.com https://tagmanager.google.com https://ekr.zdassets.com https://ekr.zendesk.com https://icas2210.zendesk.com https://*.zop
strict-transport-security: max-age=63072000; includeSubDomains; preload