nwg.co.uk

.uk crawl

First seen 2026-05-08 · Last seen 2026-05-15 · ok HTTP/1.1 200 1505 ms crawled 2026-05-15

SE · 217.114.94.2 · AS30811 Optimizely AB

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: NWG living water
Description: NWG living water
Language: en

Open Graph

url: https://www.nwg.co.uk
title: NWG living water
site name: NWG living water

Technology

CDN: Cloudflare

Analytics

Google Analytics
Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (11)

cdn.jsdelivr.net×3
cdnjs.cloudflare.com×2
fonts.googleapis.com×2
www.googletagmanager.com×2
ajax.googleapis.com×1
apis.google.com×1
fast.wistia.com×1
fast.wistia.net×1
www.google-analytics.com×1
www.google.com×1
www.gstatic.com×1

Social

DNS records live

NS

ns0.bt.net
ns1.bt.net
ns2.bt.net

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

google-site-verification=J5BfLl-skpOelifaz8bnzr0kT2KD87R6RLDuBVX2FcE
MS=ms55897627

Email authentication partial

SPF: v=spf1 include:eu._netblocks.mimecast.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none; rua=mailto:23b0b735c7e0398@rep.dmarcanalyzer.com; ruf=mailto:23b0b735c7e0398@for.dmarcanalyzer.com; fo=1
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-03-24 to 2026-06-22

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.nwg.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: child-src 'self'; connect-src 'self' *.analytics.google.com *.aptrinsic.com *.cookiebot.com *.decibel.com *.decibelinsight.net *.facebook.com *.flippingbook.com *.google-analytics.com *.google.co.uk *.google.com *.googleapis.com *.hotjar.com *.interactive-img.com *.kampyle.com *.litix.io *.medallia.eu *.mouseflow.com *.pure.cloud *.reciteme.com *.veritonicmetrics.com/ *.wistia.com *.wistia.net api.srv247app.com ask.hotjar.io browser.sentry-cdn.com cdn.jsdelivr.net chats.landbot.io collection.decibelinsight.net https://atr-eu.veritonicmetrics.com/ https://cdn.veritonic.com/ https://content.hotjar.io https://dc.services.visualstudio.com https://google.com/pay https://kappa-nwl-webapp1-prod.azurewebsites.net https://metrics.hotjar.io/ https://stats.g.doubleclick.net https://vc.hotjar.io https://webservices.data-8.co.uk https://www.googletagmanager.com ib.adnxs.com interactive-img.com js.monitor.azure.com kappa-esw-webapp1-prod.azurewebsites.net messages.landbot.io sitepixel.blis.com stats
strict-transport-security: max-age=31536000; includeSubDomains

Links to (9)

Linked from (1)

nwl.co.uk×1