hwcoatesholdings.co.uk

.uk crawl

First seen 2026-05-02 · Last seen 2026-05-20 · ok HTTP/1.1 200 1374 ms crawled 2026-05-08

DE · 217.160.0.127 · AS8560 IONOS SE

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title

H W Coates Holdings

Language

en-US

Generator

WordPress 6.9.4

Canonical

https://hwcoatesholdings.co.uk/

Feeds

Technology

Server: Apache
CMS: WordPress

DNS records live

NS

ns1016.ui-dns.com
ns1029.ui-dns.de
ns1095.ui-dns.org
ns1115.ui-dns.biz

MX

Email authentication strong

SPF

v=spf1 -all

strict (-all)

DMARC

v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s;fo=1

policy: reject (enforced) · sp=reject

DKIM

Show 12 DKIM selectors

default: v=DKIM1; p=
google: v=DKIM1; p=
selector1: v=DKIM1; p=
selector2: v=DKIM1; p=
k1: v=DKIM1; p=
k2: v=DKIM1; p=
mail: v=DKIM1; p=
dkim: v=DKIM1; p=
s1: v=DKIM1; p=
s2: v=DKIM1; p=
mxvault: v=DKIM1; p=
smtpapi: v=DKIM1; p=

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2026-01-13 to 2027-01-28

Expires in 252 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://hwcoatesholdings.co.uk/

present

permissions-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")