indexo.dev

shawbrook.co.uk

.uk crawl

First seen 2026-04-20 · Last seen 2026-05-17 · ok HTTP/1.1 200 4265 ms crawled 2026-05-14

US · 159.60.150.161 · AS35280 F5 Networks SARL

Reputation 100/100

Classifying

HTML metadata

Title
Shawbrook | Savings, Loans, Business & Property Finance
Description
Shawbrook: Award-winning savings and lending bank, offering personal loans, buy-to-let and commercial mortgages, business finance, and savings accounts
Language
en
Canonical
https://www.shawbrook.co.uk/

Open Graph

url
https://www.shawbrook.co.uk/
title
Shawbrook | Savings, Loans, Business & Property Finance
site name
Shawbrook | Savings, Loans, Business & Property Finance
description
Shawbrook: Award-winning savings and lending bank, offering personal loans, buy-to-let and commercial mortgages, business finance, and savings accounts

Technology

CDN
Azure Front Door
Server
volt-adc
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • try.abtasty.com×1
  • widget.trustpilot.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
CSC Corporate Domains, Inc
Created
2007-07-06
Expires
2026-07-06 48 days left
Updated
2025-07-02
Name servers
  • ns1.netnames.net.
  • ns2.netnames.net.
  • ns5.netnames.net.
  • ns6.netnames.net.

DNS records live

NS
  • ns1.netnames.net
  • ns2.netnames.net
  • ns5.netnames.net
  • ns6.netnames.net
MX
  • 10 eu-smtp-inbound-1.mimecast.com
  • 10 eu-smtp-inbound-2.mimecast.com
TXT
Show 23 TXT records
  • atlassian-domain-verification=BK9TZmt1V4Z0YFhWwjfKX/gURM6lKCAGnDu47DEl65hSceVxZCmakVcOEq2lUXm9
  • docusign=190aa9b3-4f30-471b-947e-13e7d3fa1ff3
  • _hugnfj5b5pcviunjf1j25xoy2l56lxz
  • anthropic-domain-verification-0cv461=0ExhbyJ9tWuLjmLKKnqTRO889
  • facebook-domain-verification=yur46r8xc0rnr58ymdn2kupe4z2ihw
  • access-domain-verification=59ed7427aed331d038e912c9e4b88949db2b5a0e3ee9f4b86bc485616a2de7c5
  • 0ed1fe018ae6e77a96d27c44e6952bcaebcc28b7e2
  • 0ed1fe018a28add1f39ca84bc6ad7e41e8641d61bb
  • PqjienfyXAEDAnaUyoIbiC3VaImUrKgwqSTzlfvr625Rsq7IuPcyc+lp9Vf5cA0yt1pUu9HkUKLXkRSP+rubGg==
  • google-site-verification=tkt5BIH1lEMjZPrNx6ZZtaaoeM-J4P1RE7e15b13o64
  • openai-domain-verification=dv-IiuNmCRmIHPwk1llKqyWyaiw
  • _p6px3gq0onwgljqs4fyeo4tv2d2b7ah
  • wiz-domain-verification=375857f0f0deea2296130418000943d8e5133fc5cefcb5909010271edf998d76
  • drpwjs6h35vbpjh64w5qfnffkddnlyn2
  • miro-verification=0896777b854eb6b4fdbed5683b9de55b38eb221d
  • MS=ms72350158
  • g5qvf0vdyp47626kqj1497r4w3tp9mh5
  • docusign=37a6320d-e0f5-499c-9daa-f8ad1dcd1cbe
  • nf62vpgtcc5knrcy21bn0xq3scphmmm4
  • 066qc3716b3yq16xcvg02j1nf123bnk1
  • access-domain-verification=e4ec05f8067f120f1c167e8fe8ce25a99fb7f06b1d2ba7e56be449b6392d4664
  • onetrust-domain-verification=941fe670af90422c8af13317da9cc491
  • postman-domain-verification=54d6a5112552f6b4e56664c498da9704cea847a39f72fb22033628d2a3614e0366a9e1199cd25fa9c4a8c160f55a0726e20444cccdffbc295dcd810438c58c59

Email authentication strong

SPF
v=spf1 mx a include:spf.protection.outlook.com include:eu._netblocks.mimecast.com include:spf.exclaimer.net include:sendgrid.net ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; sp=quarantine; pct=100; rua=mailto:dmarc.notifications@shawbrook.co.uk; ruf=mailto:dmarc.failures@shawbrook.co.uk; fo=1
policy: quarantine · sp=quarantine
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KTslgbAdCwnEwj6NuzZ2GScfbulJms3vQL1yHm9DjSefz7WqOvYASfUosdfq9G6dsvxk9WQd9EzFtemBn…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhw3JjDCqUIE0L52I5m9QWROHTf9IKwcp4wQKgFMtuXyNQ5f1epNZoqaK/NHb1DKhNJ/aTP1rfloYCyOifWFYrhL…
selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-01-06 to 2027-01-29
Expires in 255 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.shawbrook.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin
x-frame-options
sameorigin
permissions-policy
accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=(),geolocation=(self),browsing-topics=()
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' try.abtasty.com; connect-src * 'unsafe-inline' *.abtasty.com; img-src * data: blob: 'unsafe-inline' editor-assets.abtasty.com; frame-src * 'self'; style-src * 'unsafe-inline' try.abtasty.com; worker-src * blob: 'unsafe-inline';
strict-transport-security
max-age=31536000
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Links to (5)

Linked from (3)