cordiaenergy.com

HTML metadata

Title

Customized District & On-Site Energy Solutions | Cordia

Description

Cordia provides customized, capital-free on-site and district energy solutions that enhance reliability, sustainability, and efficiency for hospitals, universities, government buildings, and commercial developments in key U.S. cities.

Language

en-US

Canonical

https://cordiaenergy.com/

Feeds

Cordia » Feed RSS
Cordia » Comments Feed RSS

Open Graph

url: https://cordiaenergy.com/
title: Home
locale: en_US
site name: Cordia
description: Cordia provides customized, capital-free on-site and district energy solutions that enhance reliability, sustainability, and efficiency for hospitals, universities, government buildings, and commercial developments in key U.S. cities.

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (6)

d28vn7hqjz0l3o.cloudfront.net×104
f.edology.com×3
www.google.com×2
events.flow.graph8.com×1
www.googletagmanager.com×1
www.youtube.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2022-07-01

Expires

2027-07-01 407 days left

Updated

2025-04-18

Name servers

archer.ns.cloudflare.com
kinsley.ns.cloudflare.com

DNS records live

NS

archer.ns.cloudflare.com
kinsley.ns.cloudflare.com

MX

10 mxa-008c3d01.gslb.pphosted.com
10 mxb-008c3d01.gslb.pphosted.com

TXT

Show 12 TXT records

vertexinc-cloud-0459fb4d-5b3c-4de9-8eb3-3461c2d50093
MS=ms17485637
_globalsign-domain-verification=3of4kKI0i2gQUcsRF1D2nnEjkMq7RHy6iHSJbXojRY
_globalsign-domain-verification=SWSUnrx8kLD6CE0VvPObQK_X52dxHF5N_iuHXEWxUt
_globalsign-domain-verification=UGYbJk2M5NT-MRYbK-igRj4ycvGfWVeTb9eQ5Fy3XD
apple-domain-verification=3GxEaH2LonU9Ut8z
ca3-cbd49d2e16494d1aa6ef6f8314199c1c
docusign=dab904fe-6456-4d2a-b9f9-2ee17614b4a9
docusign=f3b98e8c-d268-4dbc-a16b-2bed17fe4f3c
duo_sso_verification=KaUZOxKbzZwtvmst42cajfxqNuU3CoSTYdA3HZLlBDDQjvu7iFoTzQgnrWsyZAUp
duo_sso_verification=dPSVvAmXpiskK9OQr3faIw7j9NcBmawObt24YxHmtptkp2z9tkEjXuj3CEgRxp3m
ppe-963e93d7d9d52aa7a6048ff9e13d67e63e3f0ee5

Email authentication strong

SPF

v=spf1 include:_spf.cordiaenergy_com._d.easydmarc.pro -all

strict (-all)

DMARC

v=DMARC1;p=quarantine;pct=100;rua=mailto:cdbf087645@rua.easydmarc.us;ruf=mailto:cdbf087645@ruf.easydmarc.us;ri=86400;fo=1;

policy: quarantine

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lcLy77D10Ht478IVVGdno9+GajuGH19gZ44ySMhQdg7K5ZzlYYVxxpJXICy/sCeBDZyzjyvCN/KjA5r3+…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyBRsF9uK2WGgnTFyH6SBI8TooF1ZHQNnc9OnynblBqBssjFluJCZJCt0lArJyKZ+d44e5i4VBAMsO+SRq…

selectors probed

Certificate (current)

Amazon RSA 2048 M04

from 2025-10-08 to 2026-11-07

Expires in 171 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://cordiaenergy.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://d28vn7hqjz0l3o.cloudfront.net data:; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' blob: https://www.youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://maps.google.com https://www.google.com/recaptcha/ https://subscription.graph8.com https://www.googletagmanager.com; media-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https://googleads.g.doubleclick.net https://tpc.googlesyndication.com;
strict-transport-security: max-age=31536000; includeSubDomains

Links to (2)

instagram.com×1
linkedin.com×1

Linked from (2)

aimtechawards.org×1
bomasf.org×1