churnetvalleyrailway.co.uk

HTML metadata

Title: Steam Train Staffordshire | Derbyshire / Midlands - Churnet Valley Railway
Description: One of the best steam railway days out on magnificent trains through beautiful countryside. River valley, woodland, bridges, tunnels and Victorian stations.
Language: en
Canonical: https://www.churnetvalleyrailway.co.uk

Open Graph

url: https://www.churnetvalleyrailway.co.uk
title: Steam Train Staffordshire | Derbyshire / Midlands
description: One of the best steam railway days out on magnificent trains through beautiful countryside. River valley, woodland, bridges, tunnels and Victorian stations.

Technology

CDN: Cloudflare

Analytics

Cloudflare Insights
Google Analytics
Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (8)

fonts.googleapis.com×2
cdn-4.convertexperiments.com×1
d2sdg66h0wxrrf.cloudfront.net×1
fonts.gstatic.com×1
static.cloudflareinsights.com×1
widget.trustpilot.com×1
www.google-analytics.com×1
www.googletagmanager.com×1

Social

Contact

Address: Kingsley and Froghall Station, Froghall, ST10 2HA, Stoke-on-Trent, Staffordshire, GB

Registration

Registrar

Krystal Hosting Ltd

Created

2000-02-09

Expires

2031-02-09 1725 days left

Updated

2024-08-04

Name servers

ada.ns.cloudflare.com.
christian.ns.cloudflare.com.

DNS records live

NS

ada.ns.cloudflare.com
christian.ns.cloudflare.com

MX

0 churnetvalleyrailway-co-uk.mail.protection.outlook.com

Verified for

Brevo
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:192.250.239.66 include:spf.mysecurecloudhost.com ip4:157.245.43.30 include:relay.mailchannels.net include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1;p=none;pct=100

policy: none (monitoring only)

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwWZLdXo38VRIg062qZBAkqeKlhwkOiOs+y9r7tdErAZdo2H6DvMktEKyw1fQF9khENswKWFcl5IsI…
selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSFmk5T5eVaNLlL30pFtXOt1w/7YmyAqXBnzHPaXxO3l1SgncQ2d7qN9HBiRsJECr+MLBnmDHnyh1kFEdEP2…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

WE1

from 2026-05-15 to 2026-08-13

Expires in 84 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.churnetvalleyrailway.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
content-security-policy: base-uri 'self';default-src 'self';font-src 'self' fonts.gstatic.com fonts.googleapis.com www.paypalobjects.com cdn.jsdelivr.net cdnjs.cloudflare.com data:;form-action 'self' *;media-src 'self' cdn.churnetvalleyrailway.co.uk d2sdg66h0wxrrf.cloudfront.net;object-src 'none';connect-src 'self' google.com *.google.com maps.googleapis.com *.braintree-api.com *.braintreegateway.com *.paypal.com *.cardinalcommerce.com kg668dbov0.execute-api.us-east-1.amazonaws.com www.facebook.com *.hotjar.com *.hotjar.io wss://ws.hotjar.com otlp.bugsnag.com/v1/traces api.getaddress.io cloudflareinsights.com *.convertexperiments.com *.google-analytics.com *.analytics.google.com *.g.doubleclick.net pagead2.googlesyndication.com;img-src 'self' cdn.churnetvalleyrailway.co.uk d2sdg66h0wxrrf.cloudfront.net cvr-uploads.s3.eu-west-2.amazonaws.com data: blob: *.google.co.uk google.co.uk *.google.com google.com *.googleapis.com maps.gstatic.com/mapfiles/ *.braintreegateway.com *.paypal.com www.paypalobjects.com www.fa
strict-transport-security: max-age=63072000; includeSubDomains;

Links to (11)

Linked from (1)

raileventsint.co.uk×2