nycancerfoundation.org

HTML metadata

Technology

Server

nginx

CMS

Gatsby

Analytics

• Google Tag Manager

Social widgets

• YouTube Embed

Third-party hosts loaded (3)

• www.googletagmanager.com×2
• maps.google.com×1
• www.youtube.com×1

Social

• facebook
• instagram
• linkedin

Contact

Phone

• 833-588-6923
• 631-569-8519

DNS records live

NS

• ns-cloud-c1.googledomains.com
• ns-cloud-c2.googledomains.com
• ns-cloud-c3.googledomains.com
• ns-cloud-c4.googledomains.com

MX

• 1 mx.paubox.com

TXT

• duo_sso_verification=9WmvsRXhifZrbSdNC1S8R3CTTnbjwqBXvwfT0yMfPEHV55LK3RGVpavnOKfclEwV
• knowbe4-site-verification=b377af8132074c791e44a30e6c1f84b5

Verified for

• Google

Email authentication partial

SPF

v=spf1 include:_spf.google.com include:_spf.paubox.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@nycancer.com

policy: none (monitoring only)

DKIM

• google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngAADkAoyCwb4KSYJYHQsw0POffHwwxtCfOymiJQu6KhVAmfX+C1aptg4xamSKLAV+eMVHMGSYadwt…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://nycancerfoundation.org/

present

• x-frame-options

findings

• missing HSTS
• missing Content Security Policy
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (4)

• newyorkcancer.com×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1

Linked from (1)

• donoratlas.com×1