chapterzeroalliance.org

HTML metadata

Technology

CDN

Cloudflare

CMS

WordPress 7.0

jQuery

3.7.1

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• public.tockify.com×2
• gmpg.org×1
• www.googletagmanager.com×1
• www.slingshot.co.uk×1

Social

• linkedin
• youtube

DNS records live

NS

• justin.ns.cloudflare.com
• nucum.ns.cloudflare.com

MX

• 10 uk.mx1.mailanyone.net
• 20 uk.mx2.mx25.net
• 30 uk.mx3.mailanyone.net
• 40 uk.mx4.mx25.net

TXT

• vpe=ba4e55b7

Verified for

• Atlassian
• Google
• Microsoft
• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:spf.mailanyone.net -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=quarantine; rua=mailto:mailauth-reports@glueup.email

policy: none (monitoring only) · sp=quarantine

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFej9SMkPxw3vArbYtfImiPwqXFoCMS+T0gLjA6KmWNzROxRhRz7y/vb/nUQVIeO7V55XYkSu2J5UU…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkf3pcYPaBDvP+IwvtRMUB56gcYlpCoamBP6urOK9pojk7MjY9U5oa0T/yb+XW4AAgfvRPfJUZFHnv…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://chapterzeroalliance.org/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (6)

• youtube.com×1
• weforum.org×1
• slingshot.co.uk×1
• linkedin.com×1
• cookiedatabase.org×1
• climate-governance.org×1

Linked from (1)

• chapterzero.pl×1