sanctuary.co.uk
HTML metadata
Technology
- Server
- nginx
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (1)
- www.googletagmanager.com×1
Registration
- Registrar
- CSC Corporate Domains, Inc
- Created
- 1995-08-22
- Expires
- 2026-08-22 93 days left
- Updated
- 2025-08-19
- Name servers
-
- dns1.cscdns.net.
- dns2.cscdns.net.
DNS records live
- NS
-
- dns1.cscdns.net
- dns2.cscdns.net
- MX
-
- 10 eu-smtp-inbound-1.mimecast.com
- 10 eu-smtp-inbound-2.mimecast.com
- TXT
-
Show 8 TXT records
have-i-been-pwned-verification=4917092a03396abc6f9812f078febd0datlassian-sending-domain-verification=e2e4fbfc-0633-4d86-9246-27fa5e8add26Cc5eFkbO6JZ3g3Pwi2BY0biEW0CElUSjDBjPUidpXfm74EE0Ua6F1+M1A/yvTJn4CRhNT/1OUw3qKOQoyGe4mw==Gg/MokuOSvXf1hvxvciVzyGLqq6BN4WHmsg+/EBphF3DIyYzh2cIYOjqP1jUAA7vcIp33jBNtfSHkg7xOJ4CNQ==SYCnp07J8n5/6ksQW9oAMRatCyCnozdgY4xRTYW+1R1FcKyZDBdIib2fXRtpHYZD8MhGn5v8DcogCdSPJ10A0w==0ed1fe018ae5b17d7514d5413da0c5a4b57c65a9c3cloudflare_dashboard_sso=3b782b0da4ac40cf53f1af31bdc6b40bknowbe4-site-verification=cca48c48ad873274c2aae670afb4187a
- Verified for
-
- 1Password
- Apple
- Atlassian
- DocuSign
- GlobalSign
- Meta
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:_u.sanctuary.co.uk._spf.smart.ondmarc.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; pct=100; sp=reject; rua=mailto:7bb54f35@inbox.ondmarc.com; ruf=mailto:7bb54f35@inbox.ondmarc.com; adkim=r; aspf=r; fo=0; rf=afrf; ri=3600policy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
GlobalSign RSA OV SSL CA 2018
Expires in 136 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- missing Permissions Policy
Header values
- referrer-policy
no-referrer- x-frame-options
ALLOW-FROM https://www.google-analytics.com- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' *.cloudflare.com https://unpkg.com *.unpkg.com *.gstatic.com *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net *.vimeo.com *.onetrust.com *.newrelic.com *.nr-data.net *.hotjar.com *.jsdelivr.net *.pingdom.net *.klastaf.com *.cqc.org.uk *.carehome.co.uk *.facebook.com *.facebook.net *.gtranslate.net *.mediahawk.co.uk https://v4in1-si.click4assistance.co.uk https://consent.cookiebot.com https://consentcdn.cookiebot.com https://consent.cookiebot.eu https://consentcdn.cookiebot.eu https://connect.facebook.net https://services.postcodeanywhere.co.uk; object-src 'self'; style-src 'self' 'unsafe-inline' 'report-sample' *.googleapis.com *.jsdelivr.net *.cloudflare.com *.hotjar.com *.cqc.org.uk *.carehome.co.uk *.gstatic.com *.facebook.com *.gtranslate.net https://unpkg.com https://services.postcodeanywhere.co.uk; img-src 'self' data: *.gstatic.c- strict-transport-security
max-age=31536000