indexo.dev

vocalink.com

.com crawl

First seen 2026-04-18 · Last seen 2026-05-09 · ok HTTP/1.1 200 6936 ms crawled 2026-05-12

GB · 20.90.134.22 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Powering the U.K.'s economy | Vocalink by Mastercard
Description
We design and build real-time account-based payments infrastructures, applications and services
Language
en
Canonical
/

Open Graph

url
/
title
Powering the U.K.'s economy
description
Our technology powers Britain's real-time payment, batch payment and cheque image clearing services, plus over 47,000 ATMs.

Technology

Cookie consent
  • OneTrust
Social widgets
  • Twitter Widget

Third-party hosts loaded (4)

  • assets.adobedtm.com×1
  • cdn.cookielaw.org×1
  • code.jquery.com×1
  • platform.twitter.com×1

Social

Contact

Address
rd sitesAccount-based paymentsMastercard NewsroomMastercard.comPriceless.com© 2026

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2003-03-29
Expires
2027-03-29 314 days left
Updated
2026-03-25
Name servers
  • ns0.bt.net
  • ns1.bt.net
  • ns2.bt.net

DNS records live

NS
  • ns0.bt.net
  • ns1.bt.net
  • ns2.bt.net
MX
  • 10 eu-smtp-inbound-2.mimecast.com
  • 5 eu-smtp-inbound-1.mimecast.com
TXT
Show 19 TXT records
  • _u4efp4iys790g1vl8x2rm6mzongmshe
  • _2ne5pwzv4cz158y0kkg60q2k49l28gc
  • _25aikjr3rahi28vi7wht7crnwyvil4w
  • SFnH4+7q4uJy5pl6fL5CDhBmQ6wigbNsm9IjisFrciZevNP/JqK6OWeRGmBwr/LfiDLc65ftVBiZyLy7bN8Vsw==
  • MS=872F6128728E8DD893A7D1EEAF5BEBB623DDDBF5
  • 7d7j2j1kqwffb33l6mgpkw8nm5xdn76w
  • hthphp7m4dpsfpm5jhqdl9qqv7yclg30
  • _0rhpqxcnai8tb8xcjmjqvxsp6r9ff3p
  • MS=ms71165770
  • google-site-verification=zY3hIOyTqyoYwDlMtlrU3iJ6vFLXtk1e9_qPiDXo2Vw
  • _jms37a9l5r3yqiegvcgbkojjqsoo28x
  • 7mv2bzsn1ms55cfl942r78yxwv6xxcqx
  • ms-domain-verification=13b9b6e2-714a-4567-b7e3-813e5497bac5
  • f57cftzx70485n7q5lktsz3z9j2qk077
  • kq1blpnr9jc0zgbjjbtv39nq8df3r7tw
  • ms-domain-verification=bf170471-4f65-45cc-b89e-bf1d5e6ed8b1
  • cpcr0lr1t3ds2nfccs0njs09g787xf94
  • 7v4rzk6vdqmvf9qdkyj2yp346ztvxsl8
  • 69p7qvrrd17r7l4s2718xkhdwj5vm8yh

Email authentication strong

SPF
v=spf1 a mx ip4:194.61.123.62 ip4:194.61.123.63 ip4:86.12.143.45 ip4:213.165.64.0/23 ip4:132.145.8.177 include:cmail1.com include:deliverygateways.mastercard.com include:eu._netblocks.mimecast.com include:spf.mailjet.com include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_agg@auth.returnpath.net; ruf=mailto:dmarc_afrf@auth.returnpath.net
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-03-10 to 2026-09-25
Expires in 129 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://vocalink.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self';script-src 'self' *.ceros.com *.twitter.com *.azure.com *.cookielaw.org *.vimeo.com *.google.com *.jquery.com *.gstatic.com assets.adobedtm.com *.onetrust.com smetrics.mastercard.com 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-hashes' *.twitter.com 'unsafe-inline';connect-src 'self' *.linkedin.com *.azure.com *.cookielaw.org *.onetrust.com dpm.demdex.net smetrics.mastercard.com *.google.com ;font-src 'self' website.com;img-src 'self' data: https: *.cookielaw.org;media-src 'self' website.com;object-src 'self' website.com;frame-ancestors 'self' website.com *.ceros.com *.vimeo.com *.google.com mastercard.my.salesforce-sites.com;frame-src 'self' *.twitter.com *.ceros.com *.vimeo.com *.google.com mastercard.my.salesforce-sites.com
strict-transport-security
max-age=2592000

Links to (6)

Linked from (1)