upgas.com
upgas.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- jQuery
- 3.5.1
- Analytics
-
- Google Analytics
- Google Tag Manager
- Ads
-
- Google Ads (DoubleClick)
- Meta Pixel
- Fonts
-
- Adobe Fonts
- Google Fonts
- Social widgets
-
- Twitter Widget
Third-party hosts loaded (16)
- www.googletagmanager.com×5
- www.google.com×3
- ajax.googleapis.com×2
- apis.google.com×2
- connect.facebook.net×2
- fonts.googleapis.com×2
- platform.twitter.com×2
- staticxx.facebook.com×2
- stats.g.doubleclick.net×2
- syndication.twitter.com×2
- use.typekit.net×2
- www.google-analytics.com×2
- www.google.co.uk×2
- fonts.gstatic.com×1
- js.hs-scripts.com×1
- static.elfsight.com×1
Social
Contact
- Address
- 1001 Warrenville Road, Suite 350, 60532, Lisle, IL
Registration
- Registrar
- Cloudflare, Inc.
- Created
- 1998-02-18
- Expires
- 2027-02-17 259 days left
- Updated
- 2023-11-03
- Name servers
-
- poppy.ns.cloudflare.com
- weston.ns.cloudflare.com
DNS records live
- NS
-
- poppy.ns.cloudflare.com
- weston.ns.cloudflare.com
- MX
-
- 0 usb-smtp-inbound-1.mimecast.com
- 0 usb-smtp-inbound-2.mimecast.com
- Verified for
-
- Adobe
- Apple
Email authentication strong
- SPF
-
v=spf1 include:usb._netblocks.mimecast.com include:spf.US.exclaimer.net include:spf.protection.outlook.com include:spfa.protection.outlook.com include:spfb.protection.outlook.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:72c75c693650484ab4bc44480d4e1875@dmarc-reports.cloudflare.net,mailto:websecuritylog@hickscorp.com; ruf=mailto:websecuritylog@hickscorp.com; sp=none; ri=86400policy: reject (enforced) · sp=none - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3Va+AdvqtvI/N+0EMgsqZimkhiAgln7ddJDkMCtI2xWLmZALoKK5/+JlBfOnQujWpwRowlYBvziss… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRIUIJ9+4UMcO9Azzisfq22V/CtiQiClZ5rW3DL8AETmNBNCTPLE/ZR71MjsEpabf4Ys/UI72yp3zB…
selectors probed - selector1:
Certificate (current)
E7
Expires in 37 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self';block-all-mixed-content;script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' blob: https://assets.zuko.io https://assets.loqate.com https://beacon.min.js https://*.convertexperiments.com https://*.birdeye.com https://*.doubleclick.net https://*.googleapis.com https://connect.facebook.net https://content.linkedin.com https://cdn-4.convertexperiments.com https://forms.hsforms.com https://graph.facebook.com https://*.chasepaymentechhostedpay.com https://googletagmanager.com https://js.zi-scripts.com https://js.facebook.com https://js.hsforms.net https://js.hscollectedforms.net https://js.hs-analytics.net https://js.usemessages.com https://js.hubspotfeedback.com https://js.hsadspixel.net https://js.hs-banner.com https://js.hsleadflows.net https://js-na1.hs-scripts.com https://js.hs-scripts.com https://platform.linkedin.com https://services.postcodeanywhere.co.uk https://static-exp1.licdn.com https://snap.licdn.com https://script.hotjar.com https://static.h- strict-transport-security
max-age=31536000; includeSubDomains; preload