pagid.co.uk
pagid.co.uk
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (3)
- gmpg.org×1
- www.facebook.com×1
- www.googletagmanager.com×1
Social
Contact
DNS records live
- NS
-
- auth04.ns.de.uu.net
- auth54.ns.de.uu.net
- TXT
-
Generated by Verizon DNSTool V 2.9
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 81 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
origin-when-cross-origin- x-frame-options
sameorigin- permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(self), usb=(), vr=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' https: pagid.com pagid.co.uk; worker-src blob: ; frame-ancestors 'self' pagid.com *.pagid.com pagid.co.uk *.pagid.co.uk ; connect-src https: pagid.com pagid.co.uk; frame-src https: pagid.com pagid.co.uk; img-src https: data: secure.gravatar.com; object-src https: ; style-src 'self' 'unsafe-inline' *.googleapis.com https: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes' data: https: *.pagid.com *.pagid.co.uk *.tmdfriction-hub.com *.google-analytics.com *.gstatic.com *.google.com *.wp.com *.w.com *.facebook.com *.twitter.com *.linkedin.com ; font-src 'self' data: https: ; media-src 'self' https: *.youtube.com *.vimeo.com secure.gravatar.com- strict-transport-security
max-age=15768000; preload