hymansrobertsonfoundation.org

.org crawl

First seen 2026-04-21 · Last seen 2026-05-14 · ok HTTP/1.1 200 2560 ms crawled 2026-05-15

US · 150.171.109.196 · AS8075 Microsoft Corporation

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: HRF Site | Hymans Robertson Foundation
Description: Represents the HRF site using a multisite setup
Language: en
Canonical: https://hymansrobertsonfoundation.org/

Open Graph

title: HRF Site
description: Represents the HRF site using a multisite setup

Technology

CDN: Azure Front Door

Analytics

Google Tag Manager

Third-party hosts loaded (3)

www.hymans.co.uk×25
cc.cdn.civiccomputing.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

Easyspace Limited

Created

2020-02-20

Expires

2028-02-20 640 days left

Updated

2026-01-26

Name servers

toby.ns.cloudflare.com
val.ns.cloudflare.com

DNS records live

NS

toby.ns.cloudflare.com
val.ns.cloudflare.com

MX

5 hymansrobertsonfoundation-org.mail.protection.outlook.com

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8FqZu3fd1uaUe32Sz1vU7+tiOsWmdO6rTpmhXV4hqZdLwAUjl7zlm8RRZxIaXWI+QOnUY6+IQX7yN…

selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-03-10 to 2026-09-11

Expires in 113 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://hymansrobertsonfoundation.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: same-origin
x-frame-options: SameOrigin
x-content-type-options: nosniff
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googletagmanager.com https://*.doubleclick.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.umbraco.com cc.cdn.civiccomputing.com https://*.monitor.azure.com https://*.msecnd.net https://*.dc.services.visualstudio.com https://*.clickdimensions.com https://*.hymans.co.uk https://*.hotjar.com https://snap.licdn.com https://static.oktopost.com widget.spreaker.com https://public.flourish.studio https://cdn.lightsite.ai https://api.llm-discovery-api.com https://*.crazyegg.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.clickdimensions.com https://*.crazyegg.com;img-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.google.co.uk https://*.google.com https://*.umbraco.com https://*.linkedin.com https://*.vimeocdn.com https://*.clickdimensions.com https://online.flippingbook.com data: https://*.hymans.co.uk https://public.flo
strict-transport-security: max-age=31536000; includeSubDomains

Links to (5)

Linked from (2)

hymans.co.uk×2
hymansinvestmentservices.co.uk×1