ccil.org

HTML metadata

Title

Home

Language

en-US

Open Graph

url

https://www.ccil.org/

title

Home

description

My Account

Technology

Server

ESF

Fonts

• Google Fonts

Third-party hosts loaded (4)

• lh3.googleusercontent.com×7
• fonts.googleapis.com×2
• www.gstatic.com×2
• apis.google.com×1

Registration

Registrar

Squarespace Domains II LLC

Created

1994-01-10

Expires

2027-01-09 235 days left

Updated

2025-12-30

Name servers

• ns-cloud-a4.googledomains.com
• ns-cloud-a1.googledomains.com
• ns-cloud-a3.googledomains.com
• ns-cloud-a2.googledomains.com

DNS records live

NS

• ns-cloud-a1.googledomains.com
• ns-cloud-a2.googledomains.com
• ns-cloud-a3.googledomains.com
• ns-cloud-a4.googledomains.com

MX

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

Email authentication partial

SPF

v=spf1 a mx include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none

policy: none (monitoring only)

DKIM

• google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvQ2gopOJKgcpLKPZwPkfDF1nQ9CPq9YdPxW4yiKcRG68RTKF+RSqe1jaroLEC3OSKGrrGx2ALh60g…

selectors probed

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.ccil.org/

present

• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• cross-origin-opener-policy
• cross-origin-resource-policy

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• missing Permissions Policy

Links to (1)

• google.com×2

Linked from (1)

• shub-internet.org×2