talentshift.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 6710 ms crawled 2026-05-15

US · 20.49.104.39 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title: Home | TALENT SHIFT
Language: en-us
Canonical: https://www.talentshift.com/

Open Graph

url: https://www.talentshift.com/
title: Home | TALENT SHIFT
site name: Talentshift

Technology

CDN: Azure Front Door

Analytics

Google Tag Manager

Cookie consent

OneTrust

Fonts

Google Fonts

Third-party hosts loaded (4)

fonts.googleapis.com×2
cdn.cookielaw.org×1
fonts.gstatic.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2003-11-27

Expires

2026-11-27 190 days left

Updated

2025-11-28

Name servers

pdns98.ultradns.biz
pdns98.ultradns.com
pdns98.ultradns.net
pdns98.ultradns.org

DNS records live

NS

pdns98.ultradns.biz
pdns98.ultradns.com
pdns98.ultradns.net
pdns98.ultradns.org

MX

0 talentshift-com.mail.protection.outlook.com

Verified for

Zoom

Email authentication strong

SPF

v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVyj/yFmwfku3TxqEm4U8NjYXmzsaUGtGpleN5rYGJnAXmuLazz7y4cuRABs/dEpJaFr3CIyqBhKLJ…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2J55n5CV/1VVVhvHGiD0kTw+zfUgcimuutMDoea84dp8tkCFuBPxLReY16zUhbQVa5axnkPPZnAfa+…

selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-02-23 to 2026-08-24

Expires in 95 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.talentshift.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.g.doubleclick.net *.googleadservices.com *.iqm.com *.cookielaw.org *.vimeo.com tags.srv.stackadapt.com resources.forvis.com resources.forvismazars.us *.googletagmanager.com *.knowledgeowl.com *.wistia.com *.bugherd.com *.jquery.com *.googleapis.com *.gstatic.com *.google.com *.google-analytics.com *.facebook.net *.youtube.com *.twitter.com *.marketo.net *.eloqua.com *.tableau.com *.jsdelivr.net *.flourish.studio acsbapp.com; style-src 'self' 'unsafe-inline' tags.srv.stackadapt.com resources.forvis.com resources.forvismazars.us *.knowledgeowl.com *.googleapis.com *.gstatic.com *.bootstrapcdn.com *.google.com *.twimg.com *.typekit.net *.fontawesome.com; font-src * data:; img-src * data:; media-src 'self' data: blob: *.wistia.com; frame-src 'self' resources.forvis.com resources.forvismazars.us *.libsyn.com *.bkd.com *.yumpu.com *.brightcove.net *.knowledgeowl.com *.twitter.com *.youtube.com *.vimeo.com vimeo.com *.sound
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (1)

linkedin.com×2

Linked from (2)

forvismazars.us×1
forvis.com×1