trussell.org.uk
HTML metadata
Technology
- CDN
- Vercel
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (5)
- at.alicdn.com×1
- c.webtrends-optimize.com×1
- cc.cdn.civiccomputing.com×1
- www.google.com×1
- www.googletagmanager.com×1
Social
Contact
- Address
- st a registered charity in England & Wales (11105
Registration
- Registrar
- 123-Reg Limited t/a 123-reg
- Created
- 2022-12-21
- Expires
- 2027-12-21 580 days left
- Updated
- 2024-08-03
- Name servers
-
- miles.ns.cloudflare.com.
- nancy.ns.cloudflare.com.
DNS records live
- NS
-
- miles.ns.cloudflare.com
- nancy.ns.cloudflare.com
- MX
-
- 0 d239799.a.ess.uk.barracudanetworks.com
- 0 d239799.b.ess.uk.barracudanetworks.com
- TXT
-
Show 10 TXT records
onetrust-domain-verification=9ec1232ee86b4f8692f213815652093aMS=ms43394752access-domain-verification=a7e9b687030476814d3af1d0c3ab814223487a6fcab551060e27572ff37082abapple-domain-verification=eKMhLhyRKhl0gR6natlassian-domain-verification=7Ah49n3WsyI7wXMl2Z8FbqUJS/kNqLCOfrd0nmOZAHqtivJUaelEtMbPdmB/Q4vnatlassian-sending-domain-verification=5c47aed8-ba51-478d-93fc-c72edef931e1canva-site-verification=ZM6Y5EsfithYgtTn3C9chgdocusign=7adcde15-labe-42dc-a45a-6a8334b2ecbfgoogle-site-verification=99enuvDBf-xjtYDxUhyrrvY4ByTLAaxIeGU8QkgbHiUgoogle-site-verification=nNe7LgtRncrY172Z7zQahV7m6qAFRmHEJtZh1turt84
Email authentication partial
- SPF
-
v=spf1 ip4:79.75.42.85 include:spf.ess.uk.barracudanetworks.com include:_spf.salesforce.com include:spf1.formassembly.com include:mandrillapp.com include:spf.protection.outlook.com include:servers.mcsv.net include:spf.xledger.net ip4:192.254.125.237 ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; pct=100; rua=mailto:dmarcreports@trussell.org.uk,mailto:re+gticmvjiyqf@dmarc.postmarkapp.com; ruf=mailto:dmarcreports@trussell.org.uk; adkim=r; aspf=rpolicy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKstTV0RhEwWdjwifpYfrfyR05tvuywXRc6M5+Xzlp+rHL1t+YwnRwS4O7DF2FrD0jRBmQoKi0joTf… - k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - selector1:
Certificate (current)
R13
Expires in 66 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self'; connect-src 'self' sentry.io https://*.sentry.io *.sentry.io https://apikeys.civiccomputing.com https://www.googletagmanager.com https://maps.googleapis.com https://*.google-analytics.com https://connect.facebook.net https://clapi.civiccomputing.com https://*.azurewebsites.net https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.youtube.com https://vimeo.com https://www.google.com https://*.trussell.org.uk https://analytics.tiktok.com https://public.flourish.studio https://*.webtrends-optimize.com https://*.wtopt.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://browser.sentry-cdn.com https://js.sentry-cdn.com https://cc.cdn.civiccomputing.com https://www.googletagmanager.com https://www.google.com/recaptcha/ https://s3.amazonaws.com https://www.gstatic.com/recaptcha/ https://maps.googleapis.com https://*.list-manage.com https://*.turn2us.org.uk https://*.google-analytics.com https://connect.facebook.net https://clapi.civiccomputin- strict-transport-security
max-age=31536000; includeSubDomains; preload
Links to (6)
- bsky.app×2
- facebook.com×2
- instagram.com×2
- linkedin.com×2
- tiktok.com×2
- twitter.com×2