cynnalcymru.com

.com crawl

First seen 2026-04-15 · Last seen 2026-05-17 · ok HTTP/1.1 200 4831 ms crawled 2026-05-11

GB · 83.223.106.14 · AS29017 NTT Global Data Centers EMEA UK Ltd.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title

Cynnal Cymru – Sustain Wales – The leading sustainable development charity in Wales

Language

en-US

Generator

WordPress 6.9.4

Canonical

https://cynnalcymru.com/

Translations

Feeds

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (6)

fonts.googleapis.com×3
www.googletagmanager.com×2
api.thegreenwebfoundation.org×1
cdn-cookieyes.com×1
fonts.gstatic.com×1
gmpg.org×1

Contact

Email

0810shwmae@cynnalcymru.com

Phone

029 2294 0810

DNS records live

NS

ns1.tantrwm.co.uk
ns2.tantrwm.co.uk

MX

0 cynnalcymru-com.mail.protection.outlook.com

TXT

google-site-verification=a8L72rLJrlz0LI-KGLvDLYeZbNn9zH4vvCIqNuwHb1w

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

from 2026-02-28 to 2026-05-30

Expires in 10 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://cynnalcymru.com/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: script-src * 'self' 'unsafe-inline' 'unsafe-eval' wistia.com youtube.com blob:

Links to (2)

eepurl.com×2
list-manage.com×2