indexo.dev

highland-adp.org.uk

.uk crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 880 ms crawled 2026-06-02

GB · 20.0.114.104 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Highland Alcohol and Drugs Partnership
Language
en-GB
Generator
WordPress 6.9.4
Canonical
https://www.highland-adp.org.uk/
Feeds

Technology

Server
rocket
CMS
WordPress 6.9.4
jQuery
3.7.1
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • www.googletagmanager.com×2
  • www.google.com×1
  • www.skynettechnologies.com×1

Social

DNS records live

NS
  • ns1.serverworld.uk
  • ns2.serverworld.uk
  • ns3.serverworld.uk
  • ns4.serverworld.uk
MX
  • 10 mail2.cali.co.uk

Email authentication weak

SPF
v=spf1 mx include:_spf.cali.co.uk ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

E8
from 2026-05-22 to 2026-08-20
Expires in 77 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.highland-adp.org.uk/

present
  • strict-transport-security
  • content-security-policy
  • content-security-policy-report-only
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), camera=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),usb=(); report-to=perm-endpoint
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.scot.nhs.uk *.nhsgrampian.org *.nhslothian.scot *.nhsggc.scot hcaptcha.com *.hcaptcha.com; upgrade-insecure-requests; report-to csp-endpoint; report-uri https://web-reports.scot.nhs.uk/api/v1/csp-report
strict-transport-security
max-age=63072000
content-security-policy-report-only
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: logger.scot.nhs.uk *.fontawesome.com use.typekit.net *.google.com *.google.co.uk *.googleapis.com themes.googleusercontent.com *.gstatic.com code.jquery.com yui.yahooapis.com *.bootstrapcdn.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.twitter.com *.twimg.com *.youtube.com youtu.be *.ytimg.com www.youtube-nocookie.com player.vimeo.com i.vimeocdn.com cdn.jwplayer.com content.jwplatform.com prd.jwpltx.com *.jwpcdn.com *.jwpsrv.com *.civiccomputing.com cc.cdn.civiccomputing.com secure.gravatar.com public.tableau.com www.openstreetmap.org browser-update.org s.w.org www.geoplugin.net *.wp.com hcaptcha.com *.hcaptcha.com www.careopinion.org.uk www.patientopinion.org.uk assets.nhs.uk www.travelinescotland.com; worker-src 'self' www.google.com; frame-ancestors 'self'; base-uri 'self'; report-to csp-endpoint; report-uri https://web-reports.scot.nhs.uk/api/v1/csp-report

Links to (9)

Linked from (1)