chtstrees.co.uk

HTML metadata

Technology

Server

LiteSpeed

CMS

Gatsby

jQuery

1.11.2 known XSS (<3.5)

Fonts

• Google Fonts

Third-party hosts loaded (4)

• maxcdn.bootstrapcdn.com×3
• ajax.googleapis.com×1
• apis.google.com×1
• fonts.googleapis.com×1

Social

• instagram
• linkedin
• twitter
• facebook
• youtube

Contact

Email

• info@chtstrees.co.uk
• 7933info@chtstrees.co.uk

Phone

• 023 8089 7933

DNS records live

NS

• ns1.mysecurecloudhost.com
• ns2.mysecurecloudhost.com
• ns3.mysecurecloudhost.com
• ns4.mysecurecloudhost.com

MX

• 0 chtstrees-co-uk.mail.protection.outlook.com

TXT

• 0ed1fe018a3beaed64006746aabe96979852a63b79

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:198.38.92.237 include:spf.mysecurecloudhost.com ip4:77.95.113.11 +a +mx +ip4:139.162.200.189 include:spf.mailjet.com include:spf.protection.outlook.com include:_netblocks.mimecast.com ~all

softfail (~all)

DMARC

v=DMARC1;p=none

policy: none (monitoring only)

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLjAJ9SPFwX317vO6r77D0jc0IY0YStY94PcqRaC/7s93u09KdsyoFIaBpOQ6bMOSiOiY/U/b58qY5…
• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG/hCo+YOtuftjv3B3ZXeNRDTIvcQdf5hAifORqUuPDvhMsU/pXrAEr9pc6i3rfM/pYft5E03x2sYja1C5LM…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.chtstrees.co.uk/

present

• x-frame-options
• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (13)

• youtube.com×1
• ukfisa.com×1
• twitter.com×1
• trustmark.org.uk×1
• trees.org.uk×1
• nqa.com×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1
• constructionline.co.uk×1
• checkatrade.com×1
• chas.co.uk×1
• achilles.com×1

Linked from (1)

• safetmservices.co.uk×1