methodkit.com

.com crawl

First seen 2026-04-12 · Last seen 2026-05-19 · ok HTTP/1.1 200 1102 ms crawled 2026-05-19

US · 104.21.47.157 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

MethodKit - MethodKit

Description

Structured thinking for the AI era.

Language

en-US

Generator

WordPress 6.9.4

Canonical

https://methodkit.com/

Feeds

MethodKit » Feed RSS
MethodKit » Comments Feed RSS

Open Graph

url: https://methodkit.com/
title: MethodKit
locale: en_US
site name: MethodKit
description: Structured thinking for the AI era.
updated time: 2026-05-18T14:17:36+02:00

Technology

CDN: Cloudflare
CMS: WordPress 6.9.4
PHP: 8.3.30 security-only
jQuery: 3.7.1

Analytics

Cloudflare Insights
Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (7)

cdn.brevo.com×2
unpkg.com×2
www.googletagmanager.com×2
accounts.google.com×1
fonts.googleapis.com×1
static.cloudflareinsights.com×1
www.facebook.com×1

Social

Contact

Phone

Registration

Registrar

Cloudflare, Inc.

Created

2012-07-31

Expires

2026-07-31 71 days left

Updated

2025-07-01

Name servers

elias.ns.cloudflare.com
miki.ns.cloudflare.com

DNS records live

NS

elias.ns.cloudflare.com
miki.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Verified for

Brevo
Google

Email authentication partial

SPF

v=spf1 include:_spf.google.com include:servers.mcsv.net include:spf.brevo.com mx ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com

policy: none (monitoring only)

DKIM

k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

WE1

from 2026-04-10 to 2026-07-09

Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://methodkit.com/

present

strict-transport-security
content-security-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.paypalobjects.com/ https://s3.amazonaws.com/ https://*.stripe.com/ https://*.paypal.com/ https://*.instagram.com/ https://*.iubenda.com/ https://cdn.brevo.com/ https://static.cloudflareinsights.com/ https://sibautomation.com/ https://conversations-widget.sendinblue.com/ https://conversations-widget.brevo.com/; img-src 'self' data: blob: https://www.paypalobjects.com/ https://www.googletagmanager.com/ https://*.google-analytics.com/ https://*.gstatic.com/ https://*.hotjar.com/; object-src 'self' data: blob: https://*.paypal.com/ https://*.stripe.com/ https://instagram.com/ https://*.instagram.com/ https://mapsengine.google.com/ https://conversations-widget.brevo.com/ https://accounts.google.com/ https://lottie.host/ https://player.vimeo.com/ https://mapsengine.google.com/ https://*.google.com/; frame-src 'self' data: blob: https://*.paypal.com/ https://*.stripe.com/ https://instagram.com/ https://*.instagram.com/ ht
strict-transport-security: max-age=15552000; includeSubDomains; preload

Links to (5)

Linked from (1)

unmonastery.org×3