porvair.com

.com crawl

First seen 2026-05-10 · Last seen 2026-05-16 · ok HTTP/1.1 200 3322 ms crawled 2026-05-16

IE · 52.17.152.5 · AS16509 Amazon.com, Inc.

Reputation 67/100 wrong cert no dmarc policy

Classifying

HTML metadata

Title

Homepage | Porvair Plc

Language

Canonical

https://www.porvair.com/

Translations

Open Graph

url: https://www.porvair.com/homepage
title: Homepage
site name: Porvair Plc

Technology

CDN: Cloudflare

Analytics

Cloudflare Insights

Third-party hosts loaded (4)

assets.investisdigital.com×2
irs.tools.investis.com×2
cdnjs.cloudflare.com×1
static.cloudflareinsights.com×1

Social

Registration

Registrar

IONOS SE

Created

1997-09-22

Expires

2026-09-21 124 days left

Updated

2025-10-10

Name servers

ns1.livedns.co.uk
ns2.livedns.co.uk
ns3.livedns.co.uk

DNS records live

NS

ns1.livedns.co.uk
ns2.livedns.co.uk
ns3.livedns.co.uk

MX

0 porvair-com.mail.protection.outlook.com

Email authentication weak

SPF: v=spf1 include:spf.protection.outlook.com include:spf.tmes.trendmicro.com include:authsmtp.com -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current) wrong cert

GlobalSign RSA OV SSL CA 2018

from 2025-11-15 to 2026-12-17

Expires in 211 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.porvair.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: autoplay=(self "https://*.investisdigital.com" "https://*.youtube.com" "https://*.vimeo.com" "https://*.vimeocdn.com"), encrypted-media=(self "https://*.investisdigital.com" "https://*.youtube.com" "https://*.vimeo.com" "https://*.vimeocdn.com"), fullscreen=(self "https://*.investisdigital.com" "https://*.youtube.com" "https://*.vimeo.com" "https://*.vimeocdn.com")
x-content-type-options: nosniff
content-security-policy: default-src 'self' edge.api.brightcove.com viz.tools.investis.com *.media.brightcove.com cdn.jsdelivr.net dev-api.investisdigital.com api.investisdigital.com dev-assets.investisdigital.com assets.investisdigital.com qaotp.tools.investisdigital.com geoid.investisdigital.com *.code.highcharts.com cookiemanager.investisdigital.com/ *.google-analytics.com *.googleapis.com *.nr-data.net *.myidx.cloud svc.webspellchecker.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com ict.infinity-tracking.net www.gstatic.com viz.tools.investis.com www.google.com maps.googleapis.com maps.google.com www.linkedin.com ajax.googleapis.com pi.pardot.com bam.nr-data.net *.googletagmanager.com *.google-analytics.com sjs.bizographics.com connect.facebook.net *.jquery.com irs.tools.investis.com *.hotjar.com px.ads.linkedin.com d2wy8f7a9ursnm.cloudfront.net ssl.p.jwpcdn.com js-agent.newrelic.com cdn.jsdelivr.net edge.api.brightcove.com *.googleapis.com www.youtube.com youtube.com s.ytimg.com
strict-transport-security: max-age=15552000; includeSubDomains; preload

Links to (2)

investis.com×1
linkedin.com×1

Linked from (1)

seal-buyparts.com×1