indexo.dev

aria.org.uk

.uk crawl

First seen 2026-04-12 · Last seen 2026-05-17 · ok HTTP/1.1 200 3319 ms crawled 2026-05-05

GB · 51.140.146.133 · AS8075 Microsoft Corporation

Reputation 95/100 weak security headers

sector government type homepage

HTML metadata

Title
Home
Description
Advanced Research + Invention Agency (ARIA) is an R&D funding agency built to unlock scientific and technological breakthroughs that benefit everyone.
Language
en

Open Graph

url
https://aria.org.uk/home
title
Home
description
Advanced Research + Invention Agency (ARIA) is an R&D funding agency built to unlock scientific and technological breakthroughs that benefit everyone.

Technology

Server
Kestrel
CMS
Nuxt
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • cdn-cookieyes.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
Virgin Media Business Ltd
Created
2021-01-22
Expires
2027-01-22 248 days left
Updated
2025-01-22
Name servers
  • guy.ns.cloudflare.com.
  • ullis.ns.cloudflare.com.

DNS records live

NS
  • guy.ns.cloudflare.com
  • ullis.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 13 TXT records
  • MS=ms43745125
  • MS=ms83150438
  • airtable-verification=1b87414785f8c8e74e618513588ff2af
  • apple-domain-verification=WWLg1zjili8wG0LT
  • asv=313f5b4b8e87e76f2e62632df2adb1a8
  • calendly-site-verification=tyMkGrxe67aOfKrQoLx2KgAjmCOccvQvxjvGj7bPT
  • google-site-verification=DuNvQVyvO6FeKKDrzEXoeZ5pLlD8j7EpiZuMyKvIuiY
  • miro-verification=94198e1484442773025429c903e3d619d1409c5c
  • notion-domain-verification=i5NUWiPkWrKn7I05YboADpng6hqWANJHQ0BrOyj89Yp
  • openai-domain-verification=dv-DCno99fcVxmLeqGZlTi61sAj
  • slack-domain-verification=R8b9gqwKNgdvfYQm05caufDcyo9Fg9VDaYFYwGsM
  • v=spf1 include:_spf.google.com -all
  • 0ed1fe018a432d833e3f634170905f78c538d50ba2

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-01-05 to 2027-02-06
Expires in 263 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://aria.org.uk/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' data: *.connectidfeed.com *.shorthandstories.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.licdn.com *.youtube.com *.google.com *.gstatic.com https://cdn-cookieyes.com https://www.googletagmanager.com https://aria.org.uk *.intercom.io *.intercomcdn.com *.contentsquare.net *.hj.contentsquare.net *.shorthandstories.com analytics.shorthand.com gateway.shorthand.com; style-src 'self' 'unsafe-inline' data: *.googleapis.com *.shorthandstories.com; img-src 'self' data: *.hotjar.com *.contentsquare.net *.linkedin.com *.gravatar.com https://cdn-cookieyes.com https://app-aria-cd-prod.azurewebsites.net *.intercomassets.eu *.intercomcdn.com *.intercomcdn.eu *.shorthandstories.com https://www.googletagmanager.com; font-src 'self' data: *.gstatic.com; form-action 'self' ; frame-src 'self' data: *.youtube.com *.vimeo.com *.google.com *.gstatic.com *.hotjar.com *.contentsquare.net blob: *.shorthandstories.com; worker-src 'self' ; connect-src 'self' data: *.google-an

Links to (5)

Linked from (9)