heartofyorkshire.ac.uk

.uk crawl

First seen 2026-04-15 · Last seen 2026-05-18 · ok HTTP/1.1 200 3869 ms crawled 2026-05-10

AU · 103.77.224.73 · AS136165 X4B DDoS Protected Announcements

Reputation 100/100

Classifying

HTML metadata

Title

Heart of Yorkshire Education Group - Stronger Together

Language

en-gb

Generator

Joomla! - Open Source Content Management

Feeds

Home RSS
Home Atom

Technology

CMS: Joomla

Analytics

Google Tag Manager

Third-party hosts loaded (3)

www.google.com×2
kit.fontawesome.com×1
www.googletagmanager.com×1

Social

Contact

Email

Phone

DNS records live

NS

ns10.ja.net
ns11.ja.net
ns12.ja.net

MX

10 d229036.a.ess.uk.barracudanetworks.com
20 d229036.b.ess.uk.barracudanetworks.com

TXT

Show 4 TXT records

BPL=4651544
_lc0137cv1u4z4gzmg2vmnbmb7q9blh2
jamf-site-verification=4yL8d6bYL1kJXmGjtyTvQw
monday-com-verification=BFJEZk7Bf3YGpn9OGn3hrMC4RNmcv-mc7e85k-rzR5E

Verified for

Adobe
Apple
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 a:mail.wakefield.ac.uk ip4:45.145.103.197 ip4:80.93.168.194 include:spf.protection.outlook.com include:spf.ess.uk.barracudanetworks.com include:mailgun.org include:_spf.createsend.com include:cirqahosting.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; fo=1; rua=mailto:rua+heartofyorkshire.ac.uk@dmarc.barracudanetworks.com; ruf=mailto:ruf+heartofyorkshire.ac.uk@dmarc.barracudanetworks.com

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NVHc/Mx3WrhanWmMEogQOh973P1KMK38bn9nVYsodXpQazfqShbeM9fSnMilYXCGt8wNCp/cyZTmY…

selectors probed

Certificate (current)

R13

from 2026-04-25 to 2026-07-24

Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.heartofyorkshire.ac.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src https://*.click4assistance.co.uk https://*.matterport.com https://*.issuu.com https://*.career-pathways.co.uk https://*.gov.uk https://googleads.g.doubleclick.net https://*.joomlatools.com https://*.google-analytics.com https://*.googletagmanager.com https://connect.facebook.net https://*.google.com https://*.gstatic.com https://*.fontawesome.com https://*.facebook.com https://*.googleapis.com https://*.bing.com https://*.ads-twitter.com https://*.youtube.com https://*.googleadservices.com 'unsafe-inline' 'unsafe-eval' 'self'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data: 'self';
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin