tastecard.co.uk
HTML metadata
Technology
- CDN
- Cloudflare
- Server
- CloudFront
- CMS
- Next.js
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- eu-images.contentstack.com×59
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns-1509.awsdns-60.org
- ns-1977.awsdns-55.co.uk
- ns-347.awsdns-43.com
- ns-674.awsdns-20.net
- MX
-
- 10 eu-smtp-inbound-1.mimecast.com
- 20 eu-smtp-inbound-2.mimecast.com
- TXT
-
Show 11 TXT records
t7qchfunmo9fin27u74g7f2stku8B/+ZY91C2YymUQyx7RYvkyxf4s78ApV8vPWrJP84RGMTWCkqy9FwLPdUG55M5QU91ZCF4H4nVUDIiB/C0yqg==yx73dq2qdq3zj0sqqkqdnhd57zmwz5cv00D0C0000000mNo=1TBQz00000001qX00D0C0000008ayx=1TBQ1000000028H00D3H0000008miH=1TBTA00000000zJ00D4J0000002p61=1TBQ500000001grValidity-Domain-Verification=q+bjqVAfT7hYTYtvgBey8c/r7ws=b6r8r363sv4b6l5m1vhxk1m3nhxwx8dnhbvktzfbc9fh8pspfmjn8z4qv477g5dflmvmp3h8uaokqdnmtdmdj2654o
- Verified for
-
- Apple
- Atlassian
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 ip4:188.39.184.204 ip4:172.82.231.128/25 ip4:34.251.175.211 ip4:34.249.169.199 include:eu._netblocks.mimecast.com include:spf.protection.outlook.com include:amazonses.com include:_spf.salesforce.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:1e581abaf6e4095@rep.dmarcanalyzer.com; ruf=mailto:1e581abaf6e4095@for.dmarcanalyzer.com; fo=1;policy: reject (enforced) - DKIM
-
- default:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmzjrInVx9/Ce4Px7jcyDX22NVpDO+Pl2XBp6rTPLAuR/ieijQhUghC5lznDlom8FE5yCdKVSYFaSmt4MpPM… - selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdL83BCtR2DYyuPCpWm7b8+7i98xVj6hB7zda+2KEH1RAaAT7lY0QmdLItXgmotvc0kRCb8KFD8gXNu9KpSA… - k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - default:
Certificate (current)
Amazon RSA 2048 M01
Expires in 184 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- missing Content Security Policy
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- strict-transport-security
max-age=31536000; includeSubDomains- cross-origin-opener-policy
unsafe-none- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
cross-origin- content-security-policy-report-only
default-src 'none'; script-src 'report-sample' 'unsafe-inline' 'self' https://js.stripe.com/ https://www.googletagmanager.com/ https://bat.bing.com/ https://www.dwin1.com/16164.js https://analytics.tiktok.com/i18n/ https://connect.facebook.net/ https://cdn.cookielaw.org/scripttemplates/otSDKStub.js https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850511572/; style-src 'report-sample' 'unsafe-inline' 'self'; form-action 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://cdn.cookielaw.org/ https://region1.google-analytics.com/ https://www.google-analytics.com/ https://www.google.com/ https://zunl7r6b5x-dsn.algolia.net/ https://testingu72jz6o2va-dsn.algolia.net/ https://pagead2.googlesyndication.com/ https://privacyportal-de.onetrust.com/ https://region1.analytics.google.com/ https://stats.g.doubleclick.net/ https://analytics.tiktok.com/; font-src 'self' data:; frame-src 'self' https://js.stripe.com/ https://www.googletagmanager.com/ https://td.doublecl