visitherefordshire.co.uk

.uk crawl

First seen 2026-04-25 · Last seen 2026-05-18 · ok HTTP/1.1 200 1832 ms crawled 2026-05-18

DE · 78.47.83.33 · AS24940 Hetzner Online GmbH

Reputation 100/100

Classifying

HTML metadata

Title: Visit Herefordshire | Feel a World Away | Official Tourism Site
Description: Everything you need to plan your trip to Herefordshire. Find the best things to do, places to stay and eat. Explore our activities, walking routes and road trips.
Language: en
Generator: Drupal 11 (https://www.drupal.org)
Canonical: https://www.visitherefordshire.co.uk/

Open Graph

url: https://www.visitherefordshire.co.uk/
title: Visit Herefordshire | Feel a World Away | Official Tourism Site
image:url: https://www.visitherefordshire.co.uk/sites/default/files/2021-03/VH-OS-%201200x630%20%281%29.png
site name: Visit Herefordshire
description: Everything you need to plan your trip to Herefordshire. Find the best things to do, places to stay and eat. Explore our activities, walking routes and road trips.
updated time: 2026-05-12T21:28:51+0100

Technology

Server: nginx
CMS: Drupal

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Registration

Registrar

Team Blue Internet Services UK Limited t/a Team Blue Internet Services Limited t/a names.co.uk

Created

2003-05-30

Expires

2028-05-30 740 days left

Updated

2025-06-20

Name servers

ns0.phase8.net.
ns1.phase8.net.
ns2.phase8.net.

DNS records live

NS

ns0.phase8.net
ns1.phase8.net
ns2.phase8.net

Verified for

Brevo
Google
Meta

Email authentication no MX

SPF

v=spf1 include:spf.sendinblue.com mx ~all

softfail (~all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400

policy: none (monitoring only) · sp=none

DKIM

mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

from 2026-04-27 to 2026-07-26

Expires in 66 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.visitherefordshire.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
weak content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'none'; style-src 'self' 'unsafe-inline' 'unsafe-eval' *; img-src 'self' 'unsafe-inline' data: blob: *; media-src 'self'; frame-src *; frame-ancestors 'self'; child-src 'self' blob:; font-src *; connect-src 'self' *; report-uri /report-csp-violation
strict-transport-security: max-age=31536000