prodpad.com
prodpad.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress 1.178.0 outdated (current 6.8)
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (1)
- www.googletagmanager.com×2
Social
Registration
- Registrar
- Gandi SAS
- Created
- 2010-08-03
- Expires
- 2026-08-03 74 days left
- Updated
- 2025-07-03
- Name servers
-
- ns-119.awsdns-14.com
- ns-1238.awsdns-26.org
- ns-2034.awsdns-62.co.uk
- ns-780.awsdns-33.net
DNS records live
- NS
-
- ns-119.awsdns-14.com
- ns-1238.awsdns-26.org
- ns-2034.awsdns-62.co.uk
- ns-780.awsdns-33.net
- MX
-
- 1 aspmx.l.google.com
- 10 aspmx2.googlemail.com
- 10 aspmx3.googlemail.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 include:_spf.google.com include:mail.zendesk.com include:6306234.spf10.hubspotemail.net include:helpscoutemail.com include:mailgun.org ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; pct=100; fo=1; ruf=mailto:f628103a@dmarc.mailgun.org,mailto:53114516@inbox.ondmarc.com,mailto:prodpad-d@dmarc.report-uri.com,mailto:infosec@prodpad.com;rua=mailto:f628103a@dmarc.mailgun.org,mailto:53114516@inbox.ondmarc.com,mailto:prodpad-d@dmarc.report-uri.com,mailto:infosec@prodpad.com;policy: none (monitoring only) - DKIM
-
Show 4 DKIM selectors
- google:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCX+i6Nfbrq+U4NLVVV6FFT3rRF6Uj7DKCgL8t4zG7oKx6YIq6DL0XYrqRaOfI88Gj/GdAk5FkAJRlidjWM+G… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sf3STwcBZEZu6FXsoThTPrXar1Ohv1IK+vm6pA77KTq7hS3pl62FS6L9te9CyhR3oUXQbkqjhYwu1hKjC… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzyMJWNiQ/HqIFmwMqPlmcCwJon9f+dgIicxaI2A4fg6U8e3FngRRtDHjzhpNW1ImsqmHq9nKRrgDzzNIPqd28wm… - smtpapi:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed - google:
Certificate (current)
E7
Expires in 74 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests; child-src 'self' *.prodpad.com prodpad2017.staging.wpengine.com calendly.com *.twitter.com www.youtube.com player.vimeo.com www.slideshare.net downloads.mailchimp.com s3.amazonaws.com; connect-src 'self' api.segment.io cdn.segment.com api.amplitude.com *.fullstory.com prodpad2017.wpengine.com api-widget.prodpad.com https://api.hubapi.com *.hubspot.com https://www.facebook.com https://hubspot-forms-static-embed.s3.amazonaws.com *.doubleclick.net *.google-analytics.com *.fontawesome.com *.cloudfront.net *.helpscout.net *.pusher.com wss://*.pusher.com *.sumologic.com *.hsforms.com https://pro.ip-api.com *.hs-banner.com forms.hscollectedforms.net *.analytics.google.com https://analytics.google.com px.ads.linkedin.com https://www.google.com/ccm/collect https://tracking-api.g2.com eu.i.posthog.com https://www.googleadservices.com https://www.google.co.uk https://eu-assets.i.posthog.com/static/ https://static.hsappstatic.net/ https://www.google.com/rmkt/collect/; de- strict-transport-security
max-age=63072000- cross-origin-opener-policy
unsafe-none- cross-origin-embedder-policy
unsafe-none; report-to='default'- cross-origin-resource-policy
cross-origin