cirka.uk

HTML metadata

Title

Home - Cirka UK

Language

en-AU

Generator

WordPress 6.9.4

Canonical

https://cirka.uk/

Feeds

Cirka UK » Feed RSS
Cirka UK » Comments Feed RSS

Open Graph

url: https://cirka.uk/
title: Home - Cirka UK
locale: en_US
site name: Cirka UK
description: Welcome to Cirka We create and deliver outstanding experiences About Us With over 35 years of experience in the cleaning industry, Cirka has earned a reputation as a trusted and respected provider of quality services. We pride ourselves on delivering first class solutions to our diverse client portfolio, including Newbury Racecourse, Saracens Rugby Club, Harlequins ... Read more

Technology

CDN: Cloudflare
CMS: WordPress

Third-party hosts loaded (1)

www.google.com×1

Social

Contact

Phone

+442045534606

Address

Road London Putney, England, SW15 2SHPhone:+44 (0)204 553 4606

Registration

Registrar

Synergy Wholesale Accreditations Pty Ltd

Created

2018-08-17

Expires

2026-08-17 89 days left

Updated

2025-08-01

Name servers

diva.ns.cloudflare.com.
edward.ns.cloudflare.com.

DNS records live

NS

diva.ns.cloudflare.com
edward.ns.cloudflare.com

MX

0 cirka-uk.mail.protection.outlook.com

TXT

ms=ms61767971

Email authentication partial

SPF

v=spf1 ip4:172.236.60.162 include:spf.protection.outlook.com +a +mx ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:itadmin@cirka.com.au,mailto:1b8f1e0b1d954b28970b1f0bab6ab7d8@dmarc-reports.cloudflare.net;

policy: none (monitoring only)

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuQCgRyuG3Pr/qEtyVu426xlNk+kKUI3nNVCZN4SqqrMiAasI4KUtiuoAeMeXvQl1m0boE+F1mI1/r…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14zWRcE8lMrKkUK3zQSsY7fN1GXp61EHdsWGTd4ZGdBQVzqV6uqI6OEUmrsdAWDUOeFVLGh8NKz+99…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N47Ut1zYDzIsNTYPOZtvgjnm912B27YyR8S+wPkTa/6uWnTsuiMTC2Gp+v7WmvXqlMe3FvBqD3qAM0BnA…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCabm0tqnPD8oLoKVwp85ob5aOs0rhrbkrjy9wmA+t7z7Zo6oLUjvbtQe3KPJykAfmYk5YNzg0xX5XG1n317+PE8V…

selectors probed

Certificate (current)

WE1

from 2026-03-19 to 2026-06-17

Expires in 28 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://cirka.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(*), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src * blob: data: wss:; frame-src *; object-src 'none'; frame-ancestors 'self'; base-uri 'self'; form-action 'self' https:; upgrade-insecure-requests; block-all-mixed-content
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (5)

Linked from (1)

newburyracecourse.co.uk×2