sor.org

.org crawl

First seen 2026-05-08 · Last seen 2026-05-15 · ok HTTP/1.1 200 2804 ms crawled 2026-05-15

US · 104.26.2.245 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Home | SoR
Language: en
Canonical: https://www.sor.org/

Open Graph

url: https://www.sor.org/
title: Home | SoR
locale: en-GB
site name: SoR

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×2
cdnjs.cloudflare.com×1
fonts.gstatic.com×1
stackpath.bootstrapcdn.com×1
www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar

Tucows Domains Inc.

Created

1998-07-07

Expires

2026-07-06 46 days left

Updated

2025-07-10

Name servers

arushi.ns.cloudflare.com
josh.ns.cloudflare.com

DNS records live

NS

arushi.ns.cloudflare.com
josh.ns.cloudflare.com

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

l09YDm1wF5ylIXJ2nE+GVlbxnDP/XWSKkhMQdsPYfBwaRC5pevPEmQRxRbAgiSZwbihxK0H9Cn1SJDpnBx3OjA==

Verified for

Apple
GlobalSign
Google
Microsoft 365

Email authentication partial

SPF

v=spf1 include:msgfocus.com include:_netblocks.mimecast.com include:spf.protection.outlook.com ip4:31.210.128.138 ip4:31.222.145.213 a mx ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@sor.org;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttpst0aGZYcTkL8O++i8p8tSWgu0yFPrpLo4qnhNRdmTMH39xANgyO63j6EevSNI4XIlXfBjLFxGI9…

selectors probed

Certificate (current)

WE1

from 2026-03-26 to 2026-06-24

Expires in 34 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.sor.org/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SameOrigin
x-content-type-options: nosniff
content-security-policy: default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' unpkg.com *.google.com cdnjs.cloudflare.com stackpath.bootstrapcdn.com payments.worldpay.com polyfill.app polyfill.io *.googleapis.com cdn.thinglink.me thinglink.com ajax.cloudflare.com *.hotjar.com google-analytics.com tagmanager.google.com googletagmanager.com https://www.youtube.com gstatic.com https://www.clarity.ms https://www.googletagmanager.com https://connect.facebook.net https://platform.twitter.com https://player.vimeo.com https://pme.proquest.com https://www.google.com https://conoret.com https://www.gstatic.com https://www.google-analytics.com;style-src 'self' 'unsafe-inline' payments.worldpay.com fast.fonts.net cdn.thinglink.me fonts.googleapis.com https://cdn.honey.io;img-src 'self' data: *.sor.org https://www.collageofradiographers.ac.uk img.youtube.com cdn.thinklink.me i.vimeocdn.com cdnjs.cloudflare.com i.ytimg.com www.google-analytics.com https://www.googletagmanager.com www.gstatic.com https://custom

Links to (6)

Linked from (1)

collegeofradiographers.ac.uk×1