mortgagescout.co.uk

HTML metadata

Title

Online Mortgage Broker and Advisor UK | Mortgage Scout

Description

Mortgage Scout introduce their mortgage services for first time buyers, buy to let buyers, house movers and homeowners looking to remortgage.

Language

en-GB

Generator

Starberry CMS

Feeds

RSS 2.0 RSS
Atom 1.0 Atom

Technology

Server: Apache
CMS: Joomla

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (6)

694ffdfdbe7384c99979-3046da7de94ad5dc09884d0a2fb22652.ssl.cf3.rackcdn.com×25
api.feefo.com×1
cdn-ukwest.onetrust.com×1
maxcdn.bootstrapcdn.com×1
www.google.com×1
www.googletagmanager.com×1

Social

Contact

Phone

08001444744

Address

st give us a call on0800

Registration

Registrar

123-Reg Limited t/a 123-reg

Created

2018-08-09

Expires

2026-08-09 80 days left

Updated

2025-08-08

Name servers

ns55.domaincontrol.com.
ns56.domaincontrol.com.

DNS records live

NS

ns55.domaincontrol.com
ns56.domaincontrol.com

MX

0 mortgagescout-co-uk.mail.protection.outlook.com

TXT

5learj7fsf0sg6tp7883m1hkfm
micd40vp8j3n0572airgot7qjr
hnaeq2cer8h225p267npmtbt8g

Verified for

Microsoft 365

Email authentication strong

SPF

v=spf1 include:_u.mortgagescout.co.uk._spf.smart.ondmarc.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; pct=100; sp=reject; rua=mailto:2ba62bc7@inbox.ondmarc.com,mailto:24c065a4800f375@rep.dmarcanalyzer.com; ruf=mailto:2ba62bc7@inbox.ondmarc.com,mailto:24c065a4800f375@for.dmarcanalyzer.com; adkim=r; aspf=r; fo=1; rf=afrf; ri=3600

policy: reject (enforced) · sp=reject

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLUc3V+Dmkfps9rXXdXEKpB38SnDm2YIh4e7AFqdk+nxZsR17HvO+fQDRk16gez7+23SD4aEdXbats…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6C2iiWS56upoVfaNhHibrBneRk27rK4xrZ9VDKPsy+XkQxiLb2dIaVwfLYkC788JL307Iw/+c8q7XZw11S…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZcCGqjNnGwMKi8Rpu7XEY4wR2E4dQT+IYZFcSVjn36hmHgUTF3eevBS8gRsr5QkKcHFi/8QqZArbCPSVy…

selectors probed

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2026-01-21 to 2027-02-22

Expires in 277 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.mortgagescout.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: microphone geolocation=* 'none'; payment 'none'; sync-xhr 'self' https://*.starberry.com http://*.starberry.com https://www.mortgagescout.co.uk
x-content-type-options: nosniff
content-security-policy: default-src 'self' blob: www.google-analytics.com https://services.postcodeanywhere.co.uk https://secure-fra.livechatinc.com stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' https://*.feefo.com https://nurtur.quiq-api.com https://js-eu1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hs-scripts.com https://api-fra.livechatinc.com https://cdn-ukwest.onetrust.com https://vimeo.com https://www.youtube.com https://cdn.cookielaw.org https://secure-fra.livechatinc.com https://clients.yomdel.com https://universe-static.elfsightcdn.com/ https://*.clarity.ms https://api.livechatinc.com https://www.freeprivacypolicy.com https://vimeo.com https://cht-srvc.net https://cdn.livechatinc.com https://inform.dataloft.co.uk https://apis.google.com https://i.ytimg.com https://www.youtube.com https://optimize.google.com https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com www.locrating.com https://www.googleoptimize.com ht
strict-transport-security: max-age=63072000; includeSubdomains; preload