thecultivist.com

HTML metadata

Title: The Cultivist
Description: The Cultivist is a membership club and creative agency that gets you closer to the art and the artists that matter. Brand activations. Art Travel. Art Concierge. Exclusive Events. Curated Itineraries. Loyalty Programmes.
Language: en
Canonical: https://www.thecultivist.com

Open Graph

url: https://www.thecultivist.com
title: The Cultivist
site name: The Cultivist
description: The Cultivist is a membership club and creative agency that gets you closer to the art and the artists that matter. Brand activations. Art Travel. Art Concierge. Exclusive Events. Curated Itineraries. Loyalty Programmes.

Technology

CDN: Cloudflare
CMS: Nuxt

Analytics

Google Tag Manager

Social widgets

Vimeo Embed

Third-party hosts loaded (4)

d3e6228u5bjptc.cloudfront.net×4
js.stripe.com×1
player.vimeo.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2014-11-13

Expires

2029-11-13 1273 days left

Updated

2024-11-14

Name servers

drew.ns.cloudflare.com
lana.ns.cloudflare.com

DNS records live

NS

drew.ns.cloudflare.com
lana.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 4 TXT records

amazonses:979XD3UAnRjQ1oF83Ic18P0z8qeKm3oolz8ok/9ZlKQ=
google-site-verification=27joyVL9XrQAYT_xT6M1ccxS454vmjF2AZ-7uOTHFk4
google-site-verification=iNniuVmebLqWZNKGKMavxssMHNzBuCVwHtwC7-g_pVc
0ae240494b810e961be8e483d0f3b4bd

Email authentication strong

SPF: v=spf1 mx include:_spf.salesforce.com include:aspmx.pardot.com include:_spf.google.com include:mailgun.org -all
strict (-all)
DMARC: v=DMARC1; p=reject; sp=reject; adkim=r; aspf=r; pct=100; fo=1; rf=afrf; ri=86400; rua=mailto:bed10ba@dmarc.mailgun.org,mailto:b919cd1b@inbox.ondmarc.com,mailto:dmarc@thecultivist.com; ruf=mailto:bed10ba@dmarc.mailgun.org,mailto:b919cd1b@inbox.ondmarc.com,mailto:dmarc@thecultivist.com;
policy: reject (enforced) · sp=reject
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-03 to 2026-07-03

Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.thecultivist.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; connect-src 'self' *.thecultivist.com cloudflareinsights.co analytics.google.com *.googletagmanager.com *.google-analytics.com *.doubleclick.net *.trackedweb.net https://api.stripe.com https://acsbapp.com https://*.acsbapp.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com https://acsbapp.com https://*.acsbapp.com; form-action 'self'; frame-src 'self' *.googletagmanager.com *.google-analytics.com https://js.stripe.com https://hooks.stripe.com https://acsbapp.com https://*.acsbapp.com *.doubleclick.net *.vimeo.com *.youtube.com; img-src 'self' data: blob: *.cloudfront.net cultivistuser.s3.eu-west-2.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.google.com.ua fonts.gstatic.com https://acsbapp.com https://*.acsbapp.com *.vimeocdn.com *.ytimg.com; media-src 'self' https://acsbapp.com https://*.acsbapp.com; object-src 'none'; script-src 'self' ajax.cloudflare.com static.cloudflareinsights.com *.googletagmanager
strict-transport-security: max-age=15552000; includeSubDomains

Links to (2)

facebook.com×2
instagram.com×2

Linked from (1)

hellothirdeye.com×2