paragon28.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- OneTrust
- Fonts
-
- Google Fonts
Third-party hosts loaded (7)
- cdn.cookielaw.org×2
- fonts.googleapis.com×2
- static.elfsight.com×2
- www.googletagmanager.com×2
- js.hs-scripts.com×1
- maps.googleapis.com×1
- www.google.com×1
Social
Contact
- Phone
Registration
- Registrar
- CSC Corporate Domains, Inc.
- Created
- 2010-08-03
- Expires
- 2032-08-03 2267 days left
- Updated
- 2025-12-11
- Name servers
-
- evangeline.ns.cloudflare.com
- mario.ns.cloudflare.com
DNS records live
- NS
-
- evangeline.ns.cloudflare.com
- mario.ns.cloudflare.com
- MX
-
- 0 paragon28-com.mail.protection.outlook.com
- TXT
-
Show 9 TXT records
ms-domain-verification=a4916780-91c3-45bc-a1c0-6fc19f1e1432openai-domain-verification=dv-0H4kAIVXTRugfEeEq6tCdBzbadobe-idp-site-verification=234d4f595cd0882122168b69c4d5c1343c4e7f0f53ce9e8bb7d000e57b96f078adobe-idp-site-verification=949db81bfbf6f248bf3d3fbdd810b9e052f61c661652ed74f85ff379e726c2e1apple-domain-verification=K4WpMcdHrpF4bxTyasv=8a7fe565848efad33de77f9b5f54c29datlassian-domain-verification=yNTwmiGfAUZVk6Fw/1hJAlqZMrAsCxy5vqXds1JbTIa3iUIDcBZV6cb24MtJZXu2dropbox-domain-verification=bv6hb72ex8t7ms-domain-verification=31d9d0fe-80ba-43a4-82f2-bb1aae137585
Email authentication partial
- SPF
-
v=spf1 ip4:168.245.118.31 ip4:44.241.181.204 include:_spf.salesforce.com include:spf.protection.outlook.com include:20645419.spf06.hubspotemail.net include:_spf.psm.knowbe4.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:0b4fbdc33da84c819ddb22174d7e6d61@dmarc-reports.cloudflare.net,mailto:dmarc@paragon28.com; ruf=mailto:dmarc@paragon28.com; fo=1policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgPb/mzZlPdPjtaFoLKR2YRrewIQNymyok7PFQrKuTL2Voe6F3wfH3arKFQ7zfkznugM697HDwJMFGrllg/k… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMGDKFIDXCiosft5LIf+DclBGDnk1fJkCDIiJRoM/e/aNngQ5ARWxya9jyNq/siWlErbrjtBgngG29W+ja… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCi2HJs1+oy7jodid9q+pA2i6JETEmJW2vPKwLihOGgFELkuJxFfYfSjRB6VSvwHbzekm8VWtwfLjinTJ0058s10W…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 46 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.elfsight.com https://*.elfsightcdn.com https://*.googleapis.com https://*.gstatic.com https://*.google.com https://*.googletagmanager.com https://*.google-analytics.com https://www.google-analytics.com https://*.vimeo.com https://*.vimeocdn.com https://*.facebook.net https://*.facebook.com https://*.twitter.com https://*.linkedin.com https://*.zoom.us https://*.zoomgov.com https://player.vimeo.com https://*.cookielaw.org https://cdn.cookielaw.org https://*.hs-scripts.com https://js.hs-scripts.com https://*.lfeeder.com https://sc.lfeeder.com https://*.hubspot.com https://js.hubspot.com https://*.hs-banner.com https://js.hs-banner.com https://*.hsadspixel.net https://js.hsadspixel.net https://*.hs-analytics.net https://js.hs-analytics.net https://*.hscollectedforms.net https://js.hscollectedforms.net https://*.crazyegg.com https://script.crazyegg.com https://*.doubleclick.net https://googleads.g.doubleclick.net- strict-transport-security
max-age=31536000; includeSubDomains; preload