policecare.org.uk

.uk crawl

First seen 2026-05-18 · Last seen 2026-05-31 · ok HTTP/1.1 200 14369 ms crawled 2026-05-22

US · 141.193.213.20 · AS209242 Cloudflare London, LLC

Reputation 100/100

Classifying

HTML metadata

Title: Police Care UK - Police charity for serving and former police officers, police staff, police volunteers, and the police family across the UK
Description: Supporting the wellbeing of those in the Police family exposed to harm by police service
Language: en
Canonical: https://www.policecare.org.uk/

Open Graph

url: https://www.policecare.org.uk/
title: Police Care UK
locale: en_US
site name: Police Care UK
description: Supporting the wellbeing of those in the Police family exposed to harm by police service

Technology

CDN: Cloudflare
CMS: WordPress
jQuery: 3.6.3

Third-party hosts loaded (1)

ajax.googleapis.com×4

Social

Contact

Phone

03000120030

DNS records live

NS

ns-1129.awsdns-13.org
ns-1732.awsdns-24.co.uk
ns-372.awsdns-46.com
ns-786.awsdns-34.net

MX

0 policecare-org-uk.mail.protection.outlook.com

Verified for

Google

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.uk.exclaimer.net ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCNMqTNxuyDVbO/u3dV+uU8hTFXovpU57SHTugPKXH7et/0fHqmR1tH3oKDBbHNHhK+9Io1XoXTIlU6mvpg4M…

selectors probed

Certificate (current)

WE1

from 2026-04-29 to 2026-07-28

Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.policecare.org.uk/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), camera=(), microphone=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.cloudflare.com https://*.jsdelivr.net https://*.googleapis.com https://www.youtube.com https://s.ytimg.com https://*.gstatic.com https://*.googlevideo.com https:; style-src 'self' 'unsafe-inline' https://*.cloudflare.com https://*.jsdelivr.net https://*.googleapis.com https:; img-src 'self' data: blob: https://i.ytimg.com https://*.googlevideo.com https:; font-src 'self' data: https:; connect-src 'self' https://*.googlevideo.com https://*.youtube.com https:; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://*.blackbaud.com; frame-ancestors 'self';