bromford.co.uk

.uk crawl

First seen 2026-04-12 · Last seen 2026-05-07 · ok HTTP/1.1 200 4255 ms crawled 2026-05-06

GB · 20.90.134.39 · AS8075 Microsoft Corporation

Reputation 100/100

sector nonprofit type homepage

HTML metadata

Title: We invest in homes and relationships so people can thrive.
Description: We're a housing association, with 47,000 homes spread across central and south west England, but ultimately, we’re a people business. We want the 100,000 people who live in our homes to thrive.
Language: en-gb
Canonical: https://www.bromford.co.uk/home/

Open Graph

title: Bromford - We invest in homes and relationships so people can thrive.
description: We're a housing association, with 47,000 homes spread across central and south west England, but ultimately, we’re a people business. We want the 100,000 people who live in our homes to thrive.

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (3)

ajax.googleapis.com×1
code.jquery.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC.

Created

1998-08-04

Expires

2026-08-04 76 days left

Updated

2024-08-05

Name servers

ns03.domaincontrol.com.
ns04.domaincontrol.com.

DNS records live

NS

ns03.domaincontrol.com
ns04.domaincontrol.com

MX

0 bromford-co-uk.mail.protection.outlook.com

TXT

Show 12 TXT records

MS=ms37034723
ddosx-site-verification=bc6f4b6d4ecc87133f8a6b8ed33af72e12dff52c1205af041a1b9deaef8076a7
dg11+lgVVNVsxLdw/snM5XRbWb/PvZcJkWlJa2VNMiHcvMVUhxLaC6+j9/kjWzz9lRhTp3f1LCPbDn55pkP67g==
9u0u2pge2tfukvivr6e5j683fo
BCOM=DEL
lucid-verification=vba!kbt6dbn3ANU_vqn
google-site-verification=y8BzNrPAtKNujSNFdIxmQtpoofkGi360L9A-h-bCmM8
apple-domain-verification=z3Au5AmVF7FKj6jM
clio-domain-verification=9cf67cd4b0e4f2fa8ebdaeeaec5b319a
google-site-verification=fMSoqPczWsx8ZW7G59sKdwfvvpAKexpgYz9V1ccLxeY
0ed1fe018a04638b77da0d485d8efa28e7f1223a00
v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2025-10-03 to 2026-11-04

Expires in 168 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.bromford.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: script-src *.civiccomputing.com *.clarity.ms *.google-analytics.com *.onetrust.com ajax.googleapis.com apps.euw2.pure.cloud cdnjs.cloudflare.com code.jquery.com connect.facebook.net form.jotform.com live-chat-assets.socialsignin.net live-chat-cdn.orlo.app maps.google.com maps.googleapis.com 'self' siteimproveanalytics.com snap.licdn.com static.hotjar.com 'unsafe-inline' www.clarity.ms www.facebook.com www.googletagmanager.com www.youtube.com;connect-src *.civiccomputing.com *.clarity.ms *.cloudfunctions.net *.firebaseapp.com *.firebaseio.com *.google.com *.google-analytics.com *.linkedin.com *.onetrust.com *.themediapeople.co.uk apps.euw2.pure.cloud content.hotjar.io googleads.g.doubleclick.net https://api.euw2.pure.cloud https://api-cdn.euw2.pure.cloud https://fileupload.euw2.pure.cloud maps.googleapis.com 'self' surveystats.hotjar.io wss://*.euw2.pure.cloud wss://s-usc1a-nss-2050.firebaseio.com wss://ws.hotjar.com;script-src-elem *.clarity.ms *.firebaseio.com *.google.com *.onetrust.
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (6)

Linked from (2)

bfl-places.co.uk×2
verifile.co.uk×1