indexo.dev

gallifordtry.co.uk

.uk crawl

First seen 2026-04-15 · Last seen 2026-05-19 · ok HTTP/1.1 200 1773 ms crawled 2026-05-10

IE · 18.202.112.132 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Galliford Try
Description
Galliford Try is one of the UK's leading construction groups, working to improve the UK’s built environment and delivering lasting change.
Language
en
Canonical
https://www.gallifordtry.co.uk/

Open Graph

url
https://www.gallifordtry.co.uk/
title
Galliford Try
description
Galliford Try is one of the UK's leading construction groups, working to improve the UK’s built environment and delivering lasting change.

Technology

Server
Microsoft-IIS
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Registration

Registrar
123-Reg Limited t/a 123-reg
Created
2000-08-22
Expires
2026-08-22 93 days left
Updated
2025-07-21
Name servers
  • ns37.domaincontrol.com.
  • ns38.domaincontrol.com.

DNS records live

NS
  • ns37.domaincontrol.com
  • ns38.domaincontrol.com
MX
  • 10 gallifordtry-co-uk.mail.protection.outlook.com
TXT
Show 7 TXT records
  • 22fnqq1do8q19d6nikjk9o5spk
  • access-domain-verification=3575298d186c6bad329ee0b38b241b21f31cbaae21d0d4c6030b78d1545a73e7
  • Z2FsbGlmb3JkdHJ5
  • uqf07kd9e3lbnusihrhdh3ijn0
  • access-domain-verification=f5fae6017a16bd253bfc256af719fd9347da918fe05e899601be0db77c0cc6c4
  • have-i-been-pwned-verification=24e81f5a40fa2ed874af92d03171c298
  • V6SP6XPMGUESY25G114VXU8NAY30W7KGC9BJ66LW
Verified for
  • 1Password
  • Apple
  • Google
  • Google Workspace
  • Microsoft 365

Email authentication strong

SPF
v=spf1 mx ip4:82.196.238.94 ip4:147.154.128.0/19 a:b.spf.service-now.com a:c.spf.service-now.com a:d.spf.service-now.com include:spf.protection.outlook.com include:amazonses.com include:eu.rp.oracleemaildelivery.com include:spf_c.oraclecloud.com -all
strict (-all)
DMARC
v=DMARC1;p=reject;pct=100;rua=mailto:infosecmonitoring@gallifordtry.co.uk,mailto:graham.starkie@gallifordtry.co.uk;ruf=mailto:graham.starkie@gallifordtry.co.uk;aspf=s;adkim=r;fo=1;
policy: reject (enforced)
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

R13
from 2026-04-22 to 2026-07-21
Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.gallifordtry.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'none'; connect-src 'self' *.cloudflare.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.cookieyes.com cdn-cookieyes.com *.google.com *.addevent.com *.plyr.io noembed.com www.juicer.io *.googleapis.com createsend.com www.google-analytics.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.jsdelivr.net cdn-cookieyes.com *.youtube.com *.plyr.io assets.juicer.io *.googleapis.com addevent.com *.createsend1.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com; media-src 'self'; img-src * data: blob: 'unsafe-inline'; style-src 'self' 'unsafe-inline' *.plyr.io *.cloudfront.net assets.juicer.io fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: www.gallifordtry.co.uk *.cloudfront.net *.juicer.io fonts.googleapis.com fonts.gstatic.com; frame-src https://*.adobe.com https://*.doubleclick.net *.webreality.co.uk 'self' ir.q4europe.com *.q4web.com *.google.com *.youtube.com *.youtube-nocookie.com player.vime
strict-transport-security
max-age=31536000; preload; includeSubDomains

Links to (9)

Linked from (10)