omnicapitalretailfinance.co.uk

.uk crawl

First seen 2026-04-20 · Last seen 2026-05-16 · ok HTTP/1.1 200 2462 ms crawled 2026-05-13

GB · 4.250.84.165 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

Home - Omni Capital Retail Finance

Description

Omni Capital Retail Finance helps customers spread cost of products and services, from home improvements to healthcare, with flexible retail finance options.

Language

en-US

Generator

Site Kit by Google 1.173.0

Canonical

https://www.omnicapitalretailfinance.co.uk/

Feeds

Open Graph

url: https://www.omnicapitalretailfinance.co.uk/
title: Home - Omni Capital Retail Finance
locale: en_US
site name: Omni Capital Retail Finance
description: Omni Capital Retail Finance helps customers spread cost of products and services, from home improvements to healthcare, with flexible retail finance options.
updated time: 2025-10-08T09:55:31+00:00

Technology

Server: nginx
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (6)

www.googletagmanager.com×3
cdn-cookieyes.com×2
cdn.elementor.com×2
widget.trustpilot.com×2
gmpg.org×1
widgets.tree-nation.com×1

Registration

Registrar

GoDaddy.com, LLC.

Created

2013-05-16

Expires

2028-05-16 726 days left

Updated

2025-05-16

Name servers

ns53.domaincontrol.com.
ns54.domaincontrol.com.

DNS records live

NS

ns53.domaincontrol.com
ns54.domaincontrol.com

MX

0 omnicapitalretailfinance-co-uk.mail.protection.outlook.com

TXT

omniwebapp1.azurewebsites.net
pvazuwapp01.azurewebsites.net

Verified for

Google

Email authentication weak

SPF: v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2026-02-09 to 2027-03-13

Expires in 296 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.omnicapitalretailfinance.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: widget.trustpilot.com cdn-cookieyes.com cdnjs.cloudflare.com widgets.tree-nation.com log.cookieyes.com cdn.elementor.com googletagmanager.com www.googletagmanager.com google-analytics.com stats.g.doubleclick.net analytics.google.com trustpilot.com *.google.com *.gstatic.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com cdn.elementor.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com cdnjs.cloudflare.com; img-src 'self' data: https: secure.gravatar.com; connect-src 'self' log.cookieyes.com cdn-cookieyes.com cdn.elementor.com widget.trustpilot.com *.google.com *.googletagmanager.com *.analytics.google.com region1.analytics.google.com www.google.com google-analytics.com stats.g.doubleclick.net analytics.google.com; frame-src 'self' widget.trustpilot.com widgets.tree-nation.com www.googletagmanager.com; worker-src 'self' blob:; upgrade-insecure-requests;
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin

Links to (3)

Linked from (2)

castletrust.co.uk×2
sknclinics.co.uk×2