nls.uk

HTML metadata

Title: National Library of Scotland | Home
Description: Learn about who we are and what we do at the National Library of Scotland. Read stories, donate, request an item, or find out how to research our collections.
Language: en-GB
Canonical: https://www.nls.uk/

Open Graph

url: https://www.nls.uk/
title: National Library of Scotland | Home
site name: National Library of Scotland
description: Learn about who we are and what we do at the National Library of Scotland. Read stories, donate, request an item, or find out how to research our collections.

Technology

CDN: Azure Front Door
CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (2)

cc.cdn.civiccomputing.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

Nominet UK

Created

1995-07-18

Expires

2027-07-18 425 days left

Updated

2025-07-18

Name servers

ns10.ja.net.
ns11.ja.net.
ns12.ja.net.

DNS records live

NS

ns10.ja.net
ns11.ja.net
ns12.ja.net

MX

10 uk.mx1.mailanyone.net
20 uk.mx2.mx25.net
30 uk.mx3.mailanyone.net
40 uk.mx4.mx25.net

TXT

Show 5 TXT records

google-site-verification=lPDczaotA_nCqOljFrEl2ukxtX9pTCGLdEkvcp9z27s
mandrill_verify.py1RunMVxJhLb1KpHDYztQ
easydmarc-verification:b6df1319-c1f8-45fb-b4af-95ab5e684376
atlassian-domain-verification=V8UEL8bLbsCAxuMkro1T03iUFPuqDLFOOeIsmGUKVSF8a/vHrlLtVYBvqmXhwDK2
atlassian-sending-domain-verification=4e4074ad-e48f-4c46-9bb4-23ad61625a73

Email authentication strong

SPF

v=spf1 ip4:193.130.15.157 ip4:52.156.253.32/28 include:spf.mailanyone.net include:servers.mcsv.net include:spf-eu.exlibrisgroup.com include:spf.protection.outlook.com include:outboundmail.blackbaud.net ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;rua=mailto:rua@nls.uk,mailto:d0ea9b06cc@rua.easydmarc.eu;ruf=mailto:ruf@nls.uk,mailto:d0ea9b06cc@ruf.easydmarc.eu;ri=3600;fo=1;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rlpD0eqZtPBQKi7PWi13n6JE5Q5PEcAjYQB9hPUYqUcX6rw+X9jCfedMIivnXP89xXfgJnU5c46Rr…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtkqajAuE40DAAI/C0iP/Tp/Np3toD8szWM9hnU9oEJ7Hn2T+EB/FI542o6/xo1I8DrGqK/cep1FeaNG91ci…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…

selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-02-24 to 2026-08-25

Expires in 98 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.nls.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://ssl.p.jwpcdn.com https://az416426.vo.msecnd.net https://player.vimeo.com https://www.youtube.com https://tagmanager.google.com https://s.ytimg.com https://*.googletagmanager.com https://bbox.blackbaudhosting.com https://payments.blackbaud.com https://www.google.com https://cc.cdn.civiccomputing.com https://www.clarity.ms https://c.bing.com https://a.clarity.ms https://b.clarity.ms https://c.clarity.ms https://d.clarity.ms https://e.clarity.ms https://f.clarity.ms https://g.clarity.ms https://h.clarity.ms https://i.clarity.ms https://j.clarity.ms https://k.clarity.ms https://l.clarity.ms https://m.clarity.ms https://n.clarity.ms https://o.clarity.ms https://p.clarity.ms https://q.clarity.ms https://r.clarity.ms https://s.clarity.ms https://t.clarity.ms https://u.clarity.ms https://v.clarity.ms https://w.clarity.ms https://x.
strict-transport-security: max-age=31536000; includeSubDomains