indexo.dev

rothesay.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-07 · ok HTTP/1.1 200 803 ms crawled 2026-05-07

US · 13.107.246.38 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Securing pensions for the future | Rothesay
Description
Rothesay is the UK's largest pensions insurance specialist - managing over £73bn in assets and securing pensions for nearly one million people.
Language
en
Canonical
https://www.rothesay.com/

Open Graph

url
https://www.rothesay.com/
title
Home
description
Rothesay is the UK's largest pensions insurance specialist - managing over £73bn in assets and securing pensions for nearly one million people.

Technology

CDN
Azure Front Door

Third-party hosts loaded (1)

  • cdn.cookie-script.com×1

Contact

Address
The Post Building, 100 Museum Street, WC1A 1PB, London, GB

Registration

Registrar
CSC Corporate Domains, Inc.
Created
1999-02-09
Expires
2027-02-09 264 days left
Updated
2026-02-05
Name servers
  • udns1.cscdns.net
  • udns2.cscdns.uk

DNS records live

NS
  • udns1.cscdns.net
  • udns2.cscdns.uk
MX
  • 10 eu-smtp-inbound-1.mimecast.com
  • 10 eu-smtp-inbound-2.mimecast.com
TXT
Show 5 TXT records
  • wiz-domain-verification=36acc6c7b0a77b181673e77a89c182019d9eee83f96edad1f55e6bcccaae65a4
  • access-domain-verification=67e63e7cd86281e7e62bcf6bdc3d336c11bfea147410c3747c9ba22c6a357f63
  • access-domain-verification=d8c03777065c764ead2ae9ee6e5cfbe78e69ec303caa1c7bad346babb338b7f5
  • rr5a24af4fd2jfopjnisbu2mi
  • _iyzhsujidscdpiha3cez76oh27nlu3f
Verified for
  • Atlassian
  • DocuSign
  • Google
  • Microsoft 365
  • OneTrust
  • OpenAI

Email authentication strong

SPF
v=spf1 include:_spf.gs.com include:eu._netblocks.mimecast.com include:mg-spf.greenhouse.io -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100; fo=1; ri=3600; rua=mailto:dmarc_rua@emaildefense.proofpoint.com,mailto:ae0df019@inbox.ondmarc.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com,mailto:ae0df019@inbox.ondmarc.com;
policy: reject (enforced)
DKIM
  • k1: k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5l+Xv/GCyQJTKpE/0jRSE2nEBLo3ghMKH+Euzezlt3YtD76IHdv87scCZPgbpXxuQBVDXKVWavDSlUY6ZoM3zBg…
selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1
from 2026-03-11 to 2026-09-12
Expires in 114 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.rothesay.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
autoplay=self, camera=(), microphone=()
x-content-type-options
nosniff
content-security-policy
script-src 'strict-dynamic' 'self' cdn.cookie-script.com report.cookie-script.com dc.services.visualstudio.com js.monitor.azure.com *.googlesyndication.com *.google-analytics.com *.googletagmanager.com player.vimeo.com *.gstatic.com *.recaptcha.net 'nonce-/nANDEWVaEtxNrXp6ylFP0byNlvK0cHX4uApdhX6YwM='; style-src 'unsafe-inline' 'self' gstatic.com; default-src 'none'; manifest-src 'self'; frame-ancestors 'self'; img-src 'self' data:; frame-src 'self' player.vimeo.com googletagmanager.com *.recaptcha.net google.com *.turn2us.org.uk; font-src 'self' data:; connect-src 'self' dc.services.visualstudio.com js.monitor.azure.com *.googlesyndication.com *.google-analytics.com *.recaptcha.net *.google.com *.cookie-script.com *.turn2us.org.uk; base-uri 'self'
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (1)

Linked from (1)