bearscot.com

HTML metadata

Technology

Server

nginx

CMS

WordPress

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (5)

• ajax.googleapis.com×1
• cdnjs.cloudflare.com×1
• fonts.gstatic.com×1
• pbs.twimg.com×1
• www.googletagmanager.com×1

Social

• linkedin
• twitter
• instagram
• youtube

Contact

Phone

• 2024-05-21 11

Registration

Registrar

IONOS SE

Created

2000-12-15

Expires

2026-12-15 210 days left

Updated

2025-11-15

Name servers

• cruz.ns.cloudflare.com
• luke.ns.cloudflare.com

DNS records live

NS

• cruz.ns.cloudflare.com
• luke.ns.cloudflare.com

MX

• 5 mailserver.bearscot.com

Email authentication strong

SPF

v=spf1 include:sendgrid.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:306964898e56593@rep.dmarcanalyzer.com; ruf=mailto:306964898e56593@for.dmarcanalyzer.com; fo=1;

policy: reject (enforced)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tZsRv4potN8Pi/JDAHcmAoQQBNiR0jQ1gvIYiXLdUIBYd2T5TR29ah6tckhkkzKtE87PJqGPdsCFXhyGL…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaMK9sT/IvBhYgzO7eubOAntNV1FXpv+TJ07Ru4hwqxNq3+choCEQS7c5Qofso84d8lljxq0k/iiDW9V6A…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.bearscot.com/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources

Links to (6)

• blue2.co.uk×2
• instagram.com×2
• linkedin.com×2
• theforthbridges.org×2
• twitter.com×2
• youtube.com×2

Linked from (5)

• theforthbridges.org×2
• theihe.org×2
• scotlandsbravest.org.uk×1
• xais-pts.co.uk×1
• ptsinternational.co.uk×1