boneandjoint.org.uk
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Ads
-
- Google Ads (DoubleClick)
Third-party hosts loaded (7)
- cdnjs.cloudflare.com×2
- cdn.foxycart.com×1
- cdn.jsdelivr.net×1
- px.ads.linkedin.com×1
- securepubads.g.doubleclick.net×1
- www.facebook.com×1
- www.googletagmanager.com×1
Registration
- Registrar
- 123-Reg Limited t/a 123-reg
- Created
- 2011-01-10
- Expires
- 2027-01-10 235 days left
- Updated
- 2025-01-11
- Name servers
-
- ns-1508.awsdns-60.org.
- ns-1830.awsdns-36.co.uk.
- ns-459.awsdns-57.com.
- ns-924.awsdns-51.net.
DNS records live
- NS
-
- ns-1508.awsdns-60.org
- ns-1830.awsdns-36.co.uk
- ns-459.awsdns-57.com
- ns-924.awsdns-51.net
- MX
-
- 10 boneandjoint-org-uk.mail.protection.outlook.com
- TXT
-
google-site-verification=-5H9LYVQexCBHqZOnioaVeIcWVo7EehV0PuqaFW2UdwMS=ms75922820UK-federation-domain-verification=c4d8e29cd3a8eb43fc7102bc8c4c930a
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:gatormail.co.uk include:_spf.spotlergroup.com -allstrict (-all) - DMARC
-
v=DMARC1; p=nonepolicy: none (monitoring only) - DKIM
-
Show 4 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIwa//ue8KkNJmVEhF9fnqIyS4e8bFo0Au9aSIv7UO/tMcnNaMfjIJJTzT9OnBP4SVaaN+2sCGUz0WO69npv… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0RmGvDJAKAUWiHIRzIFI5wFzo+Ts5ikL1Jnov0zq6J+efUk5cNL5CXLdvYA4ydwcTX5gxcALSmpvp… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYjBGdZlNPmYEqvB1gXTesq/3p4KWimivZGNUgmvdmWEDqBeWFxHBJIQif/s1i3F6d7j/Wk77GV01Gk/rU… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIXks7FaGVSY8jqi30EVq6s5ZW4YHX2Ub+UKdUorqQ4FDMBrHKXoGqJJDy/Ohw+eTY7xaPQsH2FL6cJKrE…
selectors probed - selector1:
Certificate (current)
Amazon RSA 2048 M02
Expires in 84 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), interest-cohort=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=()- x-content-type-options
nosniff- content-security-policy
script-src 'self' crossmark-cdn.crossref.org scholar.google.com d1bxh8uas1mnw7.cloudfront.net embed.altmetric.com cdn.scite.ai connect.liblynx.com unpkg.com cdn.foxycart.com test-boneandjoint-org-uk.foxycart.com boneandjoint-org-uk.foxycart.com api.altmetric.com js.stripe.com cdnjs.cloudflare.com tpc.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com www.googletagservices.com www.googletagmanager.com challenges.cloudflare.com 'nonce-VaMqNxsUVYKQ8OSN1tj7gL9TrrKeEYSL8joUge05I/I='; object-src 'self'; block-all-mixed-content; img-src 'self' data: s3.eu-west-2.amazonaws.com *.s3.eu-west-2.amazonaws.com crossmark-cdn.crossref.org cdn.scite.ai badges.altmetric.com embed.altmetric.com connect.liblynx.com tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com www.google.com; form-action 'self'; font-src 'self' fonts.gstatic.com cdn.scite.ai; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com d1bxh8uas1mnw7.cloudfro- strict-transport-security
max-age=31536000; includeSubDomains- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
cross-origin