thepensionsregulator.gov.uk

HTML metadata

Title

The Pensions Regulator (TPR) - Home

Description

The Pensions Regulator (TPR) protects the UK’s workplace pensions. We make sure employers meet their automatic enrolment duties, and trustees and pension specialists fulfil their duties to scheme members.

Language

en-GB

Canonical

https://www.thepensionsregulator.gov.uk/en/

Translations

cy

Social

Registration

Registrar

Safenames Ltd

Created

2003-08-22

Expires

2027-08-22 458 days left

Updated

2025-09-09

Name servers

dns1.safenames.com
dns2.safenames.net
dns3.safenames.org

DNS records live

NS

dns1.safenames.com
dns2.safenames.net
dns3.safenames.org

MX

10 eu-smtp-inbound-psc-1.mimecast.com
10 eu-smtp-inbound-psc-2.mimecast.com

TXT

bf29aj29l2bace6cih4vba9amk
itQ8JS7hiIGxPEd1SV6c7QsfNNnxNPZpv+k15KodAu5yjdmXMGqSBZAaxaBcm5Q1s2QT6+s7m1CeNvwO8eS6qw==
msfpkey=5rm8d9enzz2u8dt6q9wbnqp13

Verified for

Dynamics 365
Google

Email authentication strong

SPF: v=spf1 include:eur.pb-dynmktge.com include:pb-dynmktge.com include:pt-dynmktge.com include:eu._netblocks.mimecast.com ip4:31.221.45.186 ip4:134.170.174.0/24 ip4:157.56.120.128/26 include:spf.protection.outlook.com -all
strict (-all)
DMARC: v=DMARC1; p=quarantine; rua=mailto:e1nXHAMeeTf@dmarc-rua.mailcheck.service.ncsc.gov.uk,mailto:fa273b1d1766015@rep.dmarcanalyzer.com; ruf=mailto:fa273b1d1766015@for.dmarcanalyzer.com; fo=1;
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2025-07-07 to 2026-08-08

Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.thepensionsregulator.gov.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy

findings

CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),cross-origin-isolated=(),display-capture=(),document-domain=(),encrypted-media=(),execution-while-not-rendered=(),execution-while-out-of-viewport=(),fullscreen=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),navigation-override=(),payment=(),picture-in-picture=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),web-share=(),xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'none'; require-trusted-types-for 'script'; script-src 'self' 'nonce-GXq2CQv80GqbTRE6xJozH9cYOeM=' https://*.clarity.ms https://youtube.com https://www.youtube.com https://www.youtube-nocookie.com https://tagmanager.google.com https://googletagmanager.com https://*.googletagmanager.com 'sha256-2HkxetEYpvRJJqtCOBOYwpOmNPEdyNpKitHkPZRaVLg=' https://i.ctnsnet.com https://www.google.com/recaptcha/;style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.clarity.ms https://c.bing.com https://googletagmanager.com https://*.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://*.google-analytics.com https://i.ytimg.com https://sp.analytics.yahoo.com https://i.ctnsnet.com; frame-src https://www.googletagmanager.com https://youtube.com https://www.youtube.com https://www.youtube-nocookie.com https://consentag.eu https://www.google.com/recap
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: credentialless