btps.co.uk

.uk crawl

First seen 2026-04-26 · Last seen 2026-05-19 · ok HTTP/1.1 200 1557 ms crawled 2026-05-19

GB · 20.68.186.122 · AS8075 Microsoft Corporation

Reputation 75/100 wrong cert

Classifying

HTML metadata

Title: BTPS Portal - Home

Technology

CMS: Joomla

Analytics

Google Tag Manager

Third-party hosts loaded (2)

cc.cdn.civiccomputing.com×1
www.googletagmanager.com×1

Contact

Phone

Registration

Registrar

Safenames Ltd

Created

2009-11-23

Expires

2027-11-23 551 days left

Updated

2025-11-16

Name servers

pdns1.ultradns.net.
pdns2.ultradns.net.
pdns3.ultradns.org.
pdns4.ultradns.org.
pdns5.ultradns.info.
pdns6.ultradns.co.uk.

DNS records live

NS

pdns1.ultradns.net
pdns2.ultradns.net
pdns3.ultradns.org
pdns4.ultradns.org
pdns5.ultradns.info
pdns6.ultradns.co.uk

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

Show 11 TXT records

_7l6i8j3qim9qolrb5du11273g6nuy9p
_9sk8wkdryyk7taxh52vs2xw1ytwxpbi
_a5iqkeemubg0ez4r51y0ujthlnaynak
csjt05v7gm2m5khvc6wwn300hc3zsdjd
dxqn73131sl8r9nwsgd8n060z86r814x
zmb6611w885sk24wr7rbqg11l2wph2bf
v5nOMCh47NvSauC4lllj/9C0Ks0T3DeP/AAlnSIgx5k=
0c1jyt6pzhmv1k1ttt5hxzwv57rwtflb
5nz3fn7rs8tmh6glb1xljtd9dpyk9wgf
8b96d7xnsztqf5r5sd6sqrq52l19kh89
_2l9e0oclu0lyptrr1bv0hrh0v520pyd

Verified for

Apple
DocuSign
GlobalSign
Microsoft 365

Email authentication strong

SPF: v=spf1 ip4:51.132.132.113 ip4:51.143.240.228 ip4:51.145.127.212 ip4:51.132.209.67 ip4:51.132.209.197 ip4:20.90.108.126 include:spf.mailjet.com include:eu._netblocks.mimecast.com ~all
softfail (~all)
DMARC: v=DMARC1; p=reject; pct=100; rua=mailto:a.ttynkni7@sdmarc.net,mailto:dmarc@btps.co.uk; ruf=mailto:dmarc@btps.co.uk
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current) wrong cert

RapidSSL TLS RSA CA G1

from 2026-03-30 to 2026-10-15

Expires in 147 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.btps.co.uk/Index

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: www.btps.co.uk btps.co.uk player.vimeo.com api.addressy.com *.google.co.uk *.google.com *.g.doubleclick.net *.googletagmanager.com apikeys.civiccomputing.com cc.cdn.civiccomputing.com *.google-analytics.com ajax.googleapis.com fonts.googleapis.com i.s-microsoft.com fonts.gstatic.com www.gstatic.com online.swagger.io services.postcodeanywhere.co.uk; frame-ancestors 'self'
strict-transport-security: max-age=31536000;includeSubDomains

Links to (2)

vimeo.com×2
yourlandscape.co.uk×2

Linked from (2)

inclusioninfinance.com×2
diversityproject.com×1