ffa.org.uk

HTML metadata

Technology

CDN

Cloudflare

CMS

WordPress 6.9.4

jQuery

3.7.1

Analytics

• Google Tag Manager

Third-party hosts loaded (2)

• gmpg.org×1
• www.googletagmanager.com×1

DNS records live

NS

• anton.ns.cloudflare.com
• haley.ns.cloudflare.com

MX

• 10 _dc-mx.1b4d79f546a0.ffa.org.uk

Verified for

• Google

Email authentication partial

SPF

v=spf1 ip4:91.204.209.10 ip4:81.19.215.47 +a +mx +include:relay.mailchannels.net include:spf.hostns.io -all

strict (-all)

DMARC

v=DMARC1;p=quarantine;sp=none;adkim=r;aspf=r;pct=5;fo=0;rf=afrf;ri=86400;rua=mailto:2d7936b868924e6b844be1ea027fcc5b@dmarc-reports.cloudflare.net

policy: quarantine · pct=5 · sp=none

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rzv/reRnkMF9b0O+MmM33f0zYAxlDu5rVQMfkpJ3oPpPioLIv6gHhrDic97RIx34A5khFtHW9vss+…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://ffa.org.uk/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Linked from (2)

• aopa.uk×1
• aopa.co.uk×1