indexo.dev

mkm.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-15 · ok HTTP/1.1 200 1177 ms crawled 2026-05-13

US · 104.20.32.164 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
MKM Building Supplies | Your local experts
Description
The UKs proper builders' merchant. Explore our range of building materials, timber, landscaping, plumbing, heating, bathroom, kitchens and more. Open to trade and public. Open a trade account today for great terms and benefits.
Language
en
Generator
Vue Storefront 2
Canonical
https://mkm.com

Technology

CDN
Cloudflare
Analytics
  • Google Analytics
  • Google Tag Manager
Cookie consent
  • Usercentrics
Third-party hosts loaded (9)
  • mkmbs.bloomreach.io×52
  • web.cmp.usercentrics.eu×2
  • www.googletagmanager.com×2
  • cdn.speedcurve.com×1
  • cdn11.bigcommerce.com×1
  • edge.fullstory.com×1
  • survey.survicate.com×1
  • surveys-static-prd.survicate-cdn.com×1
  • www.google-analytics.com×1

Social

Contact

Phone

Registration

Registrar
GoDaddy.com, LLC
Created
1995-11-30
Expires
2027-11-29 558 days left
Updated
2025-03-31
Name servers
  • eugene.ns.cloudflare.com
  • priscilla.ns.cloudflare.com

DNS records live

NS
  • eugene.ns.cloudflare.com
  • priscilla.ns.cloudflare.com
MX
  • 15 eu-smtp-inbound-1.mimecast.com
TXT
Show 9 TXT records
  • google-site-verification=dLRCL4Efu3xVvwHcV3IaZ5rs3CRy2Kfxxb-0mk5vqR0
  • tacklephishing-domain-verification=6bb866fa02c4477dad362dba58ae7e54
  • v=verifydomain MS=7663986
  • 0ed1fe018a81f322c97ff94b838d067832ffdcc4f9
  • 29da398cb458564316aca83c0e226dcd
  • 7behubikv245lae1h1jci8op1g
  • CKO=cli_acq4y6764u4ehgdgvf5ecu7ngq
  • atlassian-domain-verification=OEj2aawKx421ZiT3Qr12otgb44aopgOMYOfq4nCLwp1Y849J2MQL2OFlChehEc/s
  • facebook-domain-verification=8x4st2mz093pqe3pj9ji10uxalqmg1

Email authentication strong

SPF
v=spf1 include:mailgun.org include:spf.protection.outlook.com include:eu._netblocks.mimecast.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:9196b141413c4f7799111befef992b5c@dmarc-reports.cloudflare.net,mailto:1b08ee5011dd203@rep.dmarcanalyzer.com; ruf=mailto:1b08ee5011dd203@for.dmarcanalyzer.com; fo=1;
policy: reject (enforced)
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEKPvXz1kBiQVEoxN9sLKMweTWxm4evAVLCBOUvliTpyMqoZtAphiTxRnAmm7y3qjO4lKPXgSSYDduN1L8…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+XYRLMRNPCAhT2FLYDm15ryXBRXYAE0n+Jy+BbcbsDV2Iwl/DJpnb40nxPPa0XCpXDBat0bdgFYCEr2ScbKQjpD…
selectors probed

Certificate (current)

WE1
from 2026-04-11 to 2026-07-10
Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://mkm.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • weak content type protection
  • missing Referrer Policy
Header values
permissions-policy
geolocation=(self "https://mkm.com"), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(), payment=(self "https://app-uat.prommt.com" "https://uat.prommt.com")
x-content-type-options
nosniff, nosniff
content-security-policy
base-uri 'self' https://api.uk.exponea.com/; font-src 'self' https: data:; form-action 'self' https://*.facebook.com https://www.facebook.com/tr/; frame-ancestors 'self' https://mkmbs.bloomreach.io https://app-uat.prommt.com https://uat.prommt.com; object-src 'none'; script-src-attr 'none'; script-src 'self' 'nonce-s1KTaaR3iZV4d7YVA3g54A==' 'strict-dynamic' https://www.googletagmanager.com https://web.cmp.usercentrics.eu ; style-src 'self' https: 'unsafe-inline'; report-uri https://mkm.com/api/csp-reports; img-src 'self' data: https://*; upgrade-insecure-requests;
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (7)

Linked from (4)