pcisecuritystandards.org

HTML metadata

Title

PCI Security Standards Council – Protect Payment Data with Industry-driven Security Standards, Training, and Programs

Description

A global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments.

Language

en-US

Generator

WordPress 6.9.4

Canonical

https://www.pcisecuritystandards.org/

Feeds

PCI Security Standards Council » Feed RSS

Open Graph

url: https://www.pcisecuritystandards.org/
title: Official PCI Security Standards Council Site
locale: en_US
site name: PCI Security Standards Council
description: A global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments.

Technology

Server: nginx
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (3)

cc.cdn.civiccomputing.com×2
www.googletagmanager.com×2
gmpg.org×1

Social

Registration

Registrar

eNom, LLC

Created

2006-05-22

Expires

2026-05-22 2 days left

Updated

2025-05-26

Name servers

ns-1420.awsdns-49.org
ns-2024.awsdns-61.co.uk
ns-399.awsdns-49.com
ns-758.awsdns-30.net

DNS records live

NS

ns-1420.awsdns-49.org
ns-2024.awsdns-61.co.uk
ns-399.awsdns-49.com
ns-758.awsdns-30.net

MX

0 pcisecuritystandards-org.mail.protection.outlook.com

TXT

Show 12 TXT records

KhdVF6K
MS=ms28780828
WPL-MZQ-AJQ
adobe-idp-site-verification=f6ab3de942da67a8407103ded890a7a32a9fd591673ececcd7fc8ea7b1381c3f
apple-domain-verification=4A3aBoW2rLI5Jx7p
atlassian-domain-verification=OVtXGX6awdRlkWwiGQVAoiyECNs7ChSLa4h4De2/NANQAU1n8jOGiZtK5az6hUfL
bfXfPkNE
globalsign-domain-verification=xoi3Yt9gNPsZ3yL1IJjeGsoWjOApOSfyuEqbwDNXzc
google-site-verification=L7S9NtXr4nHOwY-Uas16ffXb-jbaQUGQG3FarSPYQso
y66u/GMv63VqxLxJqlExK5zkzb84zHpoS97/NOa1B82YbKBbG1a2ftl/S1LLnSpXowBCCwOppeWFqK7BljrX9Q==
2kLCKsOm/CVEJoz5X+DiIXnyanscIV08dJjFgJqs77hXe8AZcv7X/d+Tnn3Tj1qnphddi+KBljbzGNyhnTB3Hg==
FcsJ8I7

Email authentication strong

SPF

v=spf1 include:_s00014748.autospf.email -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:pcissc-t@dmarc.report-uri.com

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEwOH0AtKb2ZuTELL5pX3wqeoS/tb4WlJVT4T6hNqcX9we90XQYJMJ7UaSVqWwEyvNEmZtQU3GM5RjcO/2qL…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

E8

from 2026-03-24 to 2026-06-22

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.pcisecuritystandards.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: vibrate=(), geolocation=(), midi=(self), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self "https://publuu.com"), payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' fast.fonts.net *.hubspot.com *.akamaihd.net *.vimeo.com *.hsforms.net *.sharethis.com *.google-analytics.com *.gstatic.com *.twitter.com *.addthis.com *.googleapis.com *.youtube.com *.adyen.com *.hs-scripts.com *.hs-analytics.net *.twimg.com *.wowza.com *.pcissc.org latencytimer.azurewebsites.net cc.cdn.civiccomputing.com cdnjs.cloudflare.com cdn.parsely.com api.parsely.com p1.parsely.com *.googletagmanager.com stats.g.doubleclick.net apikeys.civiccomputing.com *.cludo.com publuu.com *.pcisecuritystandards.org *.force.com pcisecuritystandards.studio *.hsforms.com blob: data:; img-src https: data:;
strict-transport-security: max-age=31536000;includeSubdomains;preload