stephenreescarter.net

.net crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 195 ms crawled 2026-05-19

US · 172.67.151.25 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

Stephen Rees-Carter On security, development, and other such things...

Description

Hi, I'm Stephen Rees-Carter, a Senior Developer, Security Researcher & International Speaker. I'm also the Technical Manager at WithExtraVeg.

Language

en-AU

Generator

WordPress 6.8.5

Canonical

https://stephenreescarter.net/

Feeds

Open Graph

url: https://stephenreescarter.net/
title: Stephen Rees-Carter On security, development, and other such things...
locale: en_US
site name: Stephen Rees-Carter
description: Hi, I'm Stephen Rees-Carter, a Senior Developer, Security Researcher & International Speaker. I'm also the Technical Manager at WithExtraVeg.
updated time: 2025-07-23T10:41:25+10:00

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Cloudflare Insights
Fathom

Third-party hosts loaded (4)

cdn.usefathom.com×2
cdn.jsdelivr.net×1
gmpg.org×1
static.cloudflareinsights.com×1

Social

Registration

Registrar

Synergy Wholesale Accreditations Pty Ltd

Created

2018-06-01

Expires

2027-06-01 376 days left

Updated

2026-05-17

Name servers

algin.ns.cloudflare.com
jamie.ns.cloudflare.com

DNS records live

NS

algin.ns.cloudflare.com
jamie.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

keybase-site-verification=6U-b6fIlpyAbu3zX05sUUPEXyI0Hg9AlTqbw-Mj48XQ
duskbane-verify=kQj9EDklglVmtwX8hrNI3qs1RNxsRywHw3iotqmWPKRulbCtns5rXgYvHWTkOWBI
have-i-been-pwned-verification=946980ab96e52be5033fe1a411ce051c

Verified for

Google

Email authentication weak

SPF: v=spf1 a mx include:_spf.google.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-05-08 to 2026-08-06

Expires in 77 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 100/100 Checked live page: https://stephenreescarter.net/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; report-uri https://valorin.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: default-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.cloudflare.com asciinema.org cdn.usefathom.com cdn.syndication.twimg.com gist.github.com/valorin/ platform.twitter.com static.cloudflareinsights.com v0.wordpress.com video.wordpress.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ ; style-src 'self' 'unsafe-inline' ajax.googleapis.com/ajax/libs/jqueryui/ fonts.googleapis.com github.githubassets.com platform.twitter.com ; img-src 'self' assets.digitalocean.com blob: data: i.ytimg.com cdn.usefathom.com pbs.twimg.com platform.twitter.com ps.w.org s.w.org s0.wordpress.com s0.wp.com secure.gravatar.com syndication.twitter.com www.gstatic.com ; font-src 'self' data: fonts.gstatic.com ; connect-src 'self' yoast.com ; frame-src 'self' asciinema.org larasec.substack.com platform.twitter.com www.google.com www.youtube.com ; form-action 'self' ; report-uri https://valorin.report-uri.com/r/d/csp/reportOnly