sarasinbreadstreet.com
sarasinbreadstreet.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- Analytics
-
- Google Analytics
- Google Tag Manager
- Cookie consent
-
- Cookiebot
- Social widgets
-
- Vimeo Embed
Third-party hosts loaded (5)
- player.vimeo.com×2
- www.googletagmanager.com×2
- consent.cookiebot.com×1
- gmpg.org×1
- www.google-analytics.com×1
Social
Contact
- Phone
Registration
- Registrar
- IONOS SE
- Created
- 2022-03-08
- Expires
- 2027-03-08 291 days left
- Updated
- 2022-03-08
- Name servers
-
- ns1027.ui-dns.org
- ns1041.ui-dns.biz
- ns1051.ui-dns.de
- ns1102.ui-dns.com
DNS records live
- NS
-
- ns1027.ui-dns.org
- ns1041.ui-dns.biz
- ns1051.ui-dns.de
- ns1102.ui-dns.com
- MX
-
- 10 mail.sarasin.co.uk
- 10 mail2.sarasin.co.uk
- 15 mail4.sarasin.co.uk
- 5 mail3.sarasin.co.uk
- TXT
-
utvbgu03l8tj7ngd6kv34jmg2q
Email authentication partial
- SPF
-
v=spf1 mx -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc-sap@sarasinbreadstreet.compolicy: none (monitoring only) - DKIM
-
- s1:
v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYyVIljaVKgI7vaqLaBgC03I4BUtvg/gYBx8AVqCOsO2FhXRAl/eAe/iKt6UA/cBOBbEfq292RkrLJM54C/zD…
selectors probed - s1:
Certificate (current)
WE1
Expires in 58 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
no-referrer- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://region1.analytics.google.com https://consent.cookiebot.com https://www.googletagmanager.com https://extend.vimeocdn.com https://e.infogram.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://snap.licdn.com https://scripts.sophus3.com https://cdn.matomo.cloud https://www.stoneshot.com https://static.ads-twitter.com https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://p.typekit.net https://use.typekit.net https://use.fontawesome.com; img-src 'self' https://www.google.co.uk https://imgsct.cookiebot.com https://px.ads.linkedin.com https://t.co https://analytics.twitter.com https://beacon.matomo.cloud data:; font-src 'self' https://use.typekit.net https://p.typekit.net https://use.fontawesome.com data:; frame-ancestors 'self'; form-action 'self'; frame-src 'self' https://www.mail-sarasin.com https://player.vimeo.com https://consentcdn.cookiebot.com;- strict-transport-security
max-age=31536000; includeSubDomains; preload