join-karbonhomesgroup.co.uk

.uk crawl

First seen 2026-05-10 · Last seen 2026-05-10 · ok HTTP/1.1 200 1951 ms crawled 2026-05-16

GB · 18.133.43.31 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

Karbon Homes |

Language

en-GB

Generator

Divi v.4.27.6

Canonical

https://join-karbonhomesgroup.co.uk/

Feeds

Karbon Homes » Feed RSS
Karbon Homes » Comments Feed RSS

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (4)

cdnjs.cloudflare.com×3
join-karbonhomesgroup.gs-microsites.net×1
karbon-homes.gs-microsites.net×1
www.googletagmanager.com×1

Social

Registration

Registrar

Namecheap, Inc.

Created

2026-03-17

Expires

2027-03-17 299 days left

Updated

2026-03-17

Name servers

dns1.registrar-servers.com.
dns2.registrar-servers.com.

DNS records live

NS

dns1.registrar-servers.com
dns2.registrar-servers.com

MX

10 eforward1.registrar-servers.com
10 eforward2.registrar-servers.com
10 eforward3.registrar-servers.com
15 eforward4.registrar-servers.com
20 eforward5.registrar-servers.com

Email authentication weak

SPF: v=spf1 include:spf.efwd.registrar-servers.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

from 2026-03-17 to 2026-06-15

Expires in 25 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://join-karbonhomesgroup.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer
x-frame-options: sameorigin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.gs-microsites.net gs-microsites.net *.google-analytics.com google-analytics.com https://www.googletagmanager.com https://maps.googleapis.com https://cloud.elegantthemes.com https://et-prod-cloud-items-content.nyc3.cdn.digitaloceanspaces.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://www.gatenbysanderson.com https://prod-public-static-gs.s3.eu-west-1.amazonaws.com https://www.google.com https://player.vimeo.com https://www.youtube.com; script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/psl/ https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com https://d3jh33bzyw1wep.cloudfront.net; img-src data: 'self' *.gs-microsites.net gs-microsites.net *.google-analytics.com google-analytics.com https://www.gravatar.com https://et-prod
strict-transport-security: max-age=2592000 ; includeSubDomains

Links to (4)

Linked from (1)

gatenbysanderson.com×1