tauck.co.uk

HTML metadata

Technology

Server

Microsoft-IIS

Analytics

• Google Tag Manager

Third-party hosts loaded (3)

• www.tauck.com×8
• api.tiles.mapbox.com×1
• www.googletagmanager.com×1

Social

• facebook
• instagram
• youtube

Contact

Phone

• 0800-810-8020

DNS records dead

NS

• ns3.worldnic.com
• ns4.worldnic.com

MX

• 10 mx.usa.net
• 20 mx.ct.mbox.net

TXT

• _ad86yutmclttxymiutoq8mezve6w8nb
• gxgsbldpc01tpp0ftz2sfck9tp68vfbr

Verified for

• GlobalSign
• Microsoft 365

Email authentication weak

SPF

v=spf1 mx ip4:12.111.58.66 ip4:46.25.70.0/24 ip4:195.188.244.0/24 ip4:194.72.251.0/24 ip4:20.68.185.242 include:spf.usa.net include:sent-via.netsuite.com include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

not published

DKIM

no key found at common selectors

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.tauck.co.uk/

present

• strict-transport-security
• content-security-policy
• x-frame-options

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (4)

• facebook.com×1
• instagram.com×1
• tauck.com×1
• youtube.com×1