together4bristol.org.uk
together4bristol.org.uk
HTML metadata
Technology
- CMS
- Joomla
- Analytics
-
- Google Tag Manager
- Social widgets
-
- Twitter Widget
Third-party hosts loaded (4)
- 1462.churchinsight.com×1
- js.stripe.com×1
- platform.twitter.com×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- 123-Reg Limited t/a 123-reg
- Created
- 2016-04-11
- Expires
- 2031-04-11 1786 days left
- Updated
- 2026-04-12
- Name servers
-
- ns31.domaincontrol.com.
- ns32.domaincontrol.com.
DNS records live
- NS
-
- ns31.domaincontrol.com
- ns32.domaincontrol.com
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- Verified for
-
Email authentication weak
- SPF
- not published
- DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - k2:
Certificate (current)
R13
Expires in 79 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(*),midi=(),sync-xhr=(*),microphone=(),camera=(*),magnetometer=(*),gyroscope=(*),fullscreen=(*),payment=(*)- x-content-type-options
nosniff- content-security-policy
default-src https: wss:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; media-src https: blob:; worker-src https: blob:; frame-ancestors https:; form-action 'self' https:;- strict-transport-security
max-age=31536000; includeSubDomains