theaco.uk

.uk crawl

First seen 2026-04-20 · Last seen 2026-05-10 · ok HTTP/1.1 200 1929 ms crawled 2026-05-13

US · 162.159.140.98 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: The ACO (Association of Camera Operators)
Description: The Association of Camera Operators is a voluntary organisation of professional camera operators who work in feature films, TV dramas, and commercials.
Language: en
Canonical: https://theaco.uk/home

Open Graph

url: https://theaco.uk/home
title: The ACO (Association of Camera Operators)
site name: The ACO (Association of Camera Operators)
description: The Association of Camera Operators is a voluntary organisation of professional camera operators who work in feature films, TV dramas, and commercials.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (7)

cdn.jsdelivr.net×2
cdn.plyr.io×2
fonts.googleapis.com×2
code.jquery.com×1
fonts.gstatic.com×1
kit.fontawesome.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC.

Created

2024-04-04

Expires

2027-04-04 320 days left

Updated

2025-01-26

Name servers

ns1.digitalocean.com.
ns2.digitalocean.com.
ns3.digitalocean.com.

DNS records live

NS

ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com

TXT

google-site-verification=00rA3dNt_OJi15xL-p7hGzAyfKJcZSannkSSD4esotc

Email authentication no MX

SPF: v=spf1 include:_spf.smtp.mailtrap.live ~all
softfail (~all)
DMARC: v=DMARC1; p=none; rua=mailto:dmarc@smtp.mailtrap.live; ruf=mailto:dmarc@smtp.mailtrap.live; rf=afrf; pct=100
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-08 to 2026-07-07

Expires in 49 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://theaco.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://theaco.lond1.digitaloceanspaces.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://cdn.plyr.io https://player.vimeo.com https://*.datatables.net https://*.squarecdn.com https://*.fontawesome.com https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://www.googletagmanager.com https://*.jsdelivr.net https://cdnjs.cloudflare.com/ https://code.jquery.com/; connect-src 'self' https://api.stripe.com https://m.stripe.com https://m.stripe.network https://q.stripe.com https://*.squarecdn.com https://vimeo.com https://cdn.plyr.io https://*.squareup.com https://connect.squareup.com https://sandbox.connect.squareup.com https://pci-connect.squareup.com https://o160250.ingest.sentry.io https://*.google-a
strict-transport-security: max-age=31536000; includeSubDomains

Links to (16)

Linked from (1)

theaco.net×2