bofas.org.uk

.uk crawl

First seen 2026-04-14 · Last seen 2026-05-08 · ok HTTP/1.1 200 1275 ms crawled 2026-05-07

GB · 51.89.237.164 · AS16276 OVH SAS

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Home
Language: en-GB

Technology

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (2)

fonts.googleapis.com×2
www.googletagmanager.com×1

Social

DNS records live

NS

ns1.livedns.co.uk
ns2.livedns.co.uk
ns3.livedns.co.uk

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

mandrill_verify.4EC5C2a45Ac44Ye3iIQXEQ

Verified for

Google

Email authentication partial

SPF

v=spf1 mx include:spf.mandrillapp.com ip4:79.174.168.231 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo562osGjK3+DkmzN5w+/lx9PmKnsjyaiWDqLJqRkbMuQGdhpQhztm9JAvlCH31YRs1lj4nCaJyiwR4…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2026-01-06 to 2027-01-07

Expires in 231 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.bofas.org.uk/

present

x-frame-options

findings

missing HSTS
missing Content Security Policy
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN