indexo.dev

sfa-oxford.com

.com crawl

First seen 2026-05-08 · Last seen 2026-05-15 · ok HTTP/1.1 200 3020 ms crawled 2026-05-15

GB · 212.70.64.236 · AS16174 Intuitiv Ltd.

Reputation 100/100

Classifying

HTML metadata

Title
Joining the Dots in Critical Metals, Energy and Sustainability | SFA (Oxford)
Description
SFA (Oxford) provides bespoke consulting and research services in industries using Platinum Group Metals, Battery Metals and Materials, Green Hydrogen and Fuel Cells..
Language
en-GB
Canonical
https://www.sfa-oxford.com/

Open Graph

url
https://www.sfa-oxford.com/
title
Joining the Dots in Critical Metals, Energy and Sustainability | SFA (Oxford)
site name
SFA (Oxford)
description
SFA (Oxford) provides bespoke consulting and research services in industries using Platinum Group Metals, Battery Metals and Materials, Green Hydrogen and Fuel Cells.

Technology

Server
SFA
Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts
Social widgets
  • Vimeo Embed

Third-party hosts loaded (6)

  • player.vimeo.com×5
  • cdn.jsdelivr.net×1
  • maps.googleapis.com×1
  • polyfill.io×1
  • use.typekit.net×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone
Address
rd Science Park, Oxford, OX4 4GA, UK© SFA (Oxford) 2026

Registration

Registrar
SafeNames Ltd.
Created
2004-04-19
Expires
2029-04-19 1064 days left
Updated
2026-02-01
Name servers
  • dns1.idp365.net
  • dns2.idp365.net
  • dns3.idp365.net

DNS records live

NS
  • dns1.idp365.net
  • dns2.idp365.net
  • dns3.idp365.net
MX
  • 0 sfaoxford-com0i.mail.protection.outlook.com
TXT
  • linkedin-site-verification=8c957a6c-1121-4973-bfad-d9ecb2ae16d6
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 ip4:62.232.221.242 ip4:212.70.64.236 include:spf.protection.outlook.com include:_spf.pblin.net include:25932610.spf01.hubspotemail.net -all
strict (-all)
DMARC
v=DMARC1; p=reject;
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8jErtRMyp5z1+uRhhaskqpMHL4V8ddjmi0tDk9Hv2hprTDDKUXgysArqJVpEXxlLfEkETzyCXW4Mm0WVoV8…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

R12
from 2026-05-11 to 2026-08-09
Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.sfa-oxford.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com *.google-analytics.com ssl.google-analytics.com *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.vimeo.com *.buzzsprout.com cdn.jsdelivr.net polyfill.io snap.licdn.com secure.boat3deer.com *.hs-scripts.com *.hs-banner.com *.hs-analytics.net *.hscollectedforms.net; img-src 'self' data: *.google-analytics.com *.googleapis.com *.google.com *.gstatic.com *.googleusercontent.com *.doubleclick.net *.linkedin.com *.google-analytics.com *.hsforms.com *.hubspot.com; object-src 'self'; style-src 'self' 'unsafe-inline' www.googletagmanager.com tagmanager.google.com fonts.googleapis.com *.typekit.net *.use.typekit.net; media-src 'self'; font-src 'self' data: fonts.gstatic.com use.typekit.net; frame-src 'self' *.google.com *.youtube.com *.vimeo.com *.buzzsprout.com; form-action 'self' accounts.google.com; connect-src 'self' data: blob: *.google-analytics.
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (1)