jbagroup.co.uk

.uk crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 4238 ms crawled 2026-05-16

US · 141.193.213.11 · AS209242 Cloudflare London, LLC

Reputation 94/100 dmarc monitor-only

sector b2b services type homepage

HTML metadata

Title: The JBA Group | JBA Group
Description: JBA Group - helping our clients across the globe to build resilience to flood and environmental risk in a changing climate.
Language: en-GB
Canonical: https://www.jbagroup.co.uk/

Open Graph

url: https://www.jbagroup.co.uk/
title: The JBA Group | JBA Group
locale: en_GB
site name: JBA Group
description: JBA Group - helping our clients across the globe to build resilience to flood and environmental risk in a changing climate.

Technology

CDN: Cloudflare
CMS: WordPress

Contact

Phone

+44 (0)1756 799 919

Registration

Registrar

123-Reg Limited t/a 123-reg

Created

2007-10-12

Expires

2030-10-12 1605 days left

Updated

2025-09-04

Name servers

ns55.domaincontrol.com.
ns56.domaincontrol.com.

DNS records live

NS

ns55.domaincontrol.com
ns56.domaincontrol.com

MX

1 jbagroup-co-uk.mail.protection.outlook.com

TXT

Show 5 TXT records

J86QT72FS9
ojr8lpin9o5v3jp4dii8vv1ggq
autodesk-domain-verification=40qgWVq73Bt-0Zfq8heL
375D5BDA5F29BDAA2779B286491BCB35D4E6AE75A86DC9ED338CD15862C7E08B
cpdodinas57f86sjijd4qgslio

Verified for

Microsoft 365
OpenAI

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com ip4:134.213.195.176 ip4:80.194.116.67 ip4:153.92.242.237 ip4:168.245.93.86 ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:demarc@jbagroup.co.uk;

policy: none (monitoring only)

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPpup39f5xoZOmuRet9VIYMwzWFoVv1AGOnshIYBME9LbCO7rkl2sdFc5GPvQ12JqMniIndlLzULVn89Y2N6…

selectors probed

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2025-07-30 to 2026-08-31

Expires in 103 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.jbagroup.co.uk/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), camera=(self), magnetometer=(), payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.gstatic.com *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.clarity.ms *.bing.com unpkg.com *.cloudflare.com *.vimeo.com *.youtube.com *.myfonts.net *.drv.tw cloud.scorm.com *.licdn.com *.ads.linkedin.com;

Links to (7)

Linked from (2)

jbagr.com×2
jbaconsulting.com×2