wholesalesweets.co.uk
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Next.js
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
- Fonts
-
- Google Fonts
Third-party hosts loaded (8)
- cdn-ukwest.onetrust.com×1
- dev.visualwebsiteoptimizer.com×1
- fonts.googleapis.com×1
- fonts.gstatic.com×1
- hcc2-media.s3.eu-west-2.amazonaws.com×1
- images.ctfassets.net×1
- static.zdassets.com×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- Cloudflare, Inc.
- Created
- 2003-12-24
- Expires
- 2026-12-24 216 days left
- Updated
- 2025-11-24
- Name servers
-
- cleo.ns.cloudflare.com.
- kristin.ns.cloudflare.com.
DNS records live
- NS
-
- cleo.ns.cloudflare.com
- kristin.ns.cloudflare.com
- MX
-
- 10 mx1.improvmx.com
- 20 mx2.improvmx.com
- TXT
-
Show 6 TXT records
22uealdqpcdlbnflquoteruleb2p6ktd19sdunob9ov820va01fl5yx43ydh28cfs8kmy9k4wpq0g2tf4bh5amazonses:+mBhxPe3VPsm0StgJAXeoN8OEdmpRgpetHJWvSXHGzo=g4wljtrwm1y3kkjqz7ldb6mxww2dc6qhla5iqjvd1p9eviuelpc1kpitah
Email authentication strong
- SPF
-
v=spf1 +a +mx +ip4:178.33.82.104 +ip4:95.154.249.80 +ip4:94.23.61.220 +a:esp03.esphosting.co.uk include:spf.improvmx.com ?allneutral (?all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:3f0eebc4a12f4fce8cde022fa1bfffff@dmarc-reports.cloudflare.net,mailto:dmarc@hancocks.co.uk;policy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
WE1
Expires in 33 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
camera=(), geolocation=(self), microphone=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; worker-src 'self' blob:; img-src 'self' *.zendesk.com *.googlesyndication.com *.bing.net https://www.google-analytics.com *.zdassets.com https://useruploads.vwo.io *.google.com *.google.co.in *.google.co.uk *.visualwebsiteoptimizer.com *.onetrust.com *.googletagmanager.com/ *.paypal.com *.stackpathcdn.com *.hancocks.co.uk *.wholesalesweets.co.uk https://images.ctfassets.net https://maps.gstatic.com data:; script-src 'self' *.zendesk.com *.googlesyndication.com *.bing.net *.smooch.io *.trustpilot.com/ *.doubleclick.net *.google.com *.wholesalesweets.co.uk https://www.google-analytics.com *.zdassets.com *.onetrust.com *.visualwebsiteoptimizer.com *.paypal.com https://www.googletagmanager.com *.paypalobjects.com *.braintreegateway.com https://fonts.gstatic.com https://maps.googleapis.com https://www.gstatic.com *.newrelic.com *.checkout.com 'unsafe-eval' 'unsafe-inline'; font-src 'self' *.zendesk.com https://fonts.googleapis.com https://fonts.gstatic.com https://use.- strict-transport-security
max-age=31536000; includeSubDomains- cross-origin-resource-policy
cross-origin
Links to (4)
Linked from (1)
- suweb.de×2