indexo.dev

gov.scot

.scot user

First seen 2026-05-10 · Last seen 2026-05-10 · ok HTTP/1.1 200 268 ms crawled 2026-05-10

US · 76.223.17.44 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector government type homepage

HTML metadata

Title
The Scottish Government - gov.scot
Description
The devolved government for Scotland has a range of responsibilities that include: the economy, education, health, justice, rural affairs, housing, environment, equal opportunities, consumer advocacy and advice, transport and taxation.
Language
en
Canonical
https://www.gov.scot/

Open Graph

url
https://www.gov.scot/
title
The Scottish Government
description
The devolved government for Scotland has a range of responsibilities that include: the economy, education, health, justice, rural affairs, housing, environment, equal opportunities, consumer advocacy and advice, transport and taxation.

Technology

CDN
Amazon CloudFront
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • www.gov.scot×23
  • fonts.googleapis.com×1
  • maxcdn.bootstrapcdn.com×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns0.ja.net
  • ns2.ja.net
  • ns3.ja.net
  • ns4.ja.net
MX
  • 10 gw000222-eu.fortimail.com
TXT
Show 10 TXT records
  • f656a36a-06b2-499c-975e-a5b96936d059
  • sophos-domain-verification=69434be7ab5a32e9a873ab04f506f7eae5cebcd6f737314740963d1a3a733919
  • amazonses:+IRKijQ9attdEzslVtsyA/aP1lN1223zH/qUhyokSO8=
  • mandrill_verify.c3kJbditxHDJPlxkEYwS1A
  • wt072rsq7n8fqd0r2059cqv41t3q1fbf
  • GdVH0pWMXrCmuH89V/YmSx117xsFCE8PcBxtkC4D7bsITYF7o5XoK3oWgB/uF1btAwD+9bM1vCkYi57gkJzohg==
  • neat-pulse-domain-verification-nXRBJRX=394e335b-d828-4247-ae1a-6925092320a1
  • 62r1c6jmdyz74v7vcv25yqyz3t4gnd50
  • d31db53a6cf44577ddb450c45178097a3c86f5725fa78ef3a723dab0983ac76c
  • barco-verification=2181064f-1bd6-548b-98e7-802bc37d5e9e
Verified for
  • Adobe
  • Apple
  • Atlassian
  • Brevo
  • Dropbox
  • GlobalSign
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:_u.gov.scot._spf.smart.ondmarc.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; pct=100; sp=none; rua=mailto:0a819833@inbox.ondmarc.com,mailto:dmarc-rua@dmarc.service.gov.uk; ruf=mailto:0a819833@inbox.ondmarc.com,mailto:dmarc@gov.scot; adkim=r; aspf=r; fo=1; rf=afrf; ri=3600
policy: reject (enforced) · sp=none
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

R13
from 2026-03-24 to 2026-06-22
Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.gov.scot/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), autoplay=(), camera=(), clipboard-read=(), clipboard-write=(self), cross-origin-isolated=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
script-src 'nonce-x4Bzfx2o8SRgt4piLHXBSg' 'self' https://www.youtube.com https://s.ytimg.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://translate.google.com https://translate.googleapis.com https://plausible.io; img-src 'self' data: https://*.ytimg.com https://img.youtube.com https://www.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://cdn.prgloo.com; connect-src 'self' https://*.google-analytics.com https://*.analytics.google.com https://plausible.io; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://tagmanager.google.com https://translate.google.com https://translate.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' data: https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; frame-src https://www.youtube.com https://youtu.be https://www.
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (8)