indexo.dev

totusrehab.co.uk

.uk crawl

First seen 2026-05-01 · Last seen 2026-05-20 · ok HTTP/1.1 200 1295 ms crawled 2026-05-08

GB · 35.214.107.17 · AS15169 Google LLC

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Totus Neurorehabilitation - Bristol, Exeter & Southampton
Language
en-GB
Generator
Site Kit by Google 1.178.0
Canonical
https://totusrehab.co.uk/

Open Graph

url
https://totusrehab.co.uk/
title
Home
locale
en_GB
site name
Totus Neurorehabilitation

Technology

Server
nginx
CMS
WordPress
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.googleapis.com×4
  • www.googletagmanager.com×2
  • www.google.com×1

Contact

Email
Phone

Registration

Registrar
GoDaddy.com, LLC.
Created
2018-09-24
Expires
2026-09-24 126 days left
Updated
2024-09-25
Name servers
  • ns13.domaincontrol.com.
  • ns14.domaincontrol.com.

DNS records live

NS
  • ns13.domaincontrol.com
  • ns14.domaincontrol.com
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Google

Email authentication weak

SPF
v=spf1 include:_spf.google.com ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-03-16 to 2026-06-14
Expires in 24 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://totusrehab.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak content type protection
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
DENY
permissions-policy
geolocation=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), usb=()
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn-cookieyes.com *.wordpress.com *.wp.com *.gravatar.com *.typekit.net *.adobe.com www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.typekit.net *.adobe.com; font-src 'self' data: fonts.gstatic.com *.typekit.net *.adobe.com use.typekit.net; img-src 'self' data: https://cdn-cookieyes.com *.gravatar.com *.wordpress.com *.wp.com; connect-src 'self' https://cdn-cookieyes.com https://log.cookieyes.com www.google.com; frame-src 'self' *.youtube.com *.vimeo.com www.google.com; object-src 'none'; base-uri 'self';
strict-transport-security
max-age=31536000

Links to (7)

Linked from (2)