lilaccentre.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-12 · ok HTTP/1.1 200 677 ms crawled 2026-05-16

US · 104.21.80.116 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: The Lilac Centre
Language: en

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Registration

Registrar

Cloudflare, Inc.

Created

2025-09-09

Expires

2027-09-09 476 days left

Updated

2025-09-09

Name servers

clay.ns.cloudflare.com
lisa.ns.cloudflare.com

DNS records live

NS

clay.ns.cloudflare.com
lisa.ns.cloudflare.com

MX

1 smtp.google.com

Verified for

Google

Email authentication strong

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:03b5342a8b7d42d0aa7e75d0ed6b01b9@dmarc-reports.cloudflare.net;

policy: quarantine

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2d94qi4KDIn7rM74CUpcyIk/j/xEJzBf9BlQR0Q1JsEUq6EOb+1M+FtBMd5C/SaC6gcgvsAwk91yZ…

selectors probed

Certificate (current)

WE1

from 2026-05-04 to 2026-08-02

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://lilaccentre.com/

present

strict-transport-security
content-security-policy
referrer-policy
permissions-policy

findings

CSP uses wildcard sources
missing frame protection
missing content type protection

Header values

referrer-policy: strict-origin
permissions-policy: accelerometer=(self), camera=(self), fullscreen=(self "https://player.vimeo.com"), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), sync-xhr=(self), usb=(self)
content-security-policy: base-uri 'none'; block-all-mixed-content; connect-src 'self' the-lilac-review.s3.eu-west-2.amazonaws.com accounts.google.com maps.googleapis.com *.constantcontact.com *.ctctcdn.com *.google-analytics.com *.stripe.com videodelivery.net; default-src blob:; font-src 'self' data: fonts.gstatic.com; form-action 'self' *.facebook.com; frame-ancestors none; frame-src 'self' *.facebook.com *.google.com *.stripe.com *.travelsmarter.net *.videodelivery.net player.vimeo.com; img-src 'self' data: *.blogspot.com *.etsystatic.com *.facebook.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googleusercontent.com *.gstatic.com *.stripe.com *.tripadvisor.com videodelivery.net *.videodelivery.net *.vimeocdn.com *.ytimg.com; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' blob: 'nonce-S2VuTWNDYWxsdW1DU1BOb25jZQ==' *.addthis.com *.cloudflare.com *.ctctcdn.com *.facebook.net *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.jscache.
strict-transport-security: max-age=15552000; includeSubDomains

Links to (8)

Linked from (1)

smallbusinessbritain.uk×2