sherwoodflyingclub.co.uk

.uk crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 308 ms crawled 2026-05-30

GB · 213.165.88.24 · AS8560 IONOS SE

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Sherwood Flying Club
Description: The Sherwood Flying Club brings together people from all walks of life who not only love flying but who also want to fly economically and, above all, safely.
Language: en
Generator: nopCommerce

Technology

Server: Microsoft-IIS
CMS: Ghost
jQuery: 3.4.1 known XSS (<3.5)

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×2

Contact

Phone

=441159811402

DNS records live

NS

ns1.livedns.co.uk
ns2.livedns.co.uk
ns3.livedns.co.uk

MX

10 mailserver.livemail.co.uk

TXT

sherwoodflyingclub.azurewebsites.net

Email authentication partial

SPF

v=spf1 mx a include:_spf.livemail.co.uk ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PScWOlc7pIkatkVwoXlfqVb9yTvLrzYtd93CCu3RK2/jlVjMmxdA/yOqsW6i9TZgp8FqT5QHs4LwEuCGW…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIMuvgJx/tdcGklKSEIecBAjG3Yfn8VVjEkqLZliyC3AHjvJhQnMsCauUNoLPE7hA7n/Hu5r2tDSfvgjpOONIL+1…

selectors probed

Certificate (current)

R12

from 2026-05-14 to 2026-08-12

Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://sherwoodflyingclub.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains

Links to (2)

vimeo.com×1
nopcommerce.com×1

Linked from (2)

aopa.uk×1
aopa.co.uk×1