surfrider.eu

HTML metadata

Technology

Server

nginx

CMS

WordPress

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (4)

• fonts.googleapis.com×4
• www.googletagmanager.com×2
• fonts.gstatic.com×1
• gmpg.org×1

Social

• instagram
• linkedin
• facebook
• threads
• tiktok

DNS records live

NS

• ns-28-b.gandi.net
• ns-93-a.gandi.net
• ns-94-c.gandi.net

MX

• 0 surfrider-eu.mail.protection.outlook.com

TXT

Show 11 TXT records

• brevo-code:7f142552c79bb3a3f1258bd8b6208f49
• facebook-domain-verification=wn0q0eevqccpafx5bki481kwytfxr6
• ms=ms18071315;ms=ms49978813;ms=ms71561297;google-site-verification=VyT2GSpaGeVcSyFfD3NsXNZvfqEQ1u4we3nxBqDmEEo
• google-site-verification=5SBfNgd-GmzDYSp47rCOMij4aWl2oHJ6_4L6XMEGIN8
• google-site-verification=HUyCP1LGVXiPLwR498BbXPtt2gti3vYjBdg8VvTQL6Y
• apple-domain-verification=xIzZkdS13FejSFjv
• linkedin-site-verification=6cf10b64-6a94-4825-95a3-883926df75ff
• brevo-code:eafba54de047f0d89c79be74beae123d
• brevo-code:13e9cb51e5e607144b936ee44a738a1b
• ms-domain-verification=34f7e62a-2825-4c1c-9ffe-bc6b18fb4504
• google-site-verification=j9fpla5aNFHowUwr02Kt-Ms_TuVV6QxxWNYMBwCPyzo

Email authentication strong

SPF

v=spf1 a include:spf.mailjet.com include:sendgrid.net ip4:51.83.3.160 ip4:54.37.150.5 ip4:151.80.152.148 ip4:151.80.177.179 ip4:109.0.177.113 ip4:91.103.234.96/27 ip4:91.103.237.96/27 ip4:83.206.237.128/26 include:spf.protection.outlook.com include:spf.mandrillapp.com include:spf.causeaeffet.com include:message-business.com include:one.zoho.eu include:spf.brevo.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc@surfrider.eu,mailto:rua@dmarc.brevo.com

policy: quarantine

DKIM

• default: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBywSq7RbiTxzms/lX4Wgtr6FDUBz1gQXI/yuITZKUtC1xA9/lZ2m0EpyVJ4rOf6gBw+AQgtbGHl9g9wBvE…
• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQ1oHxY5xCTCbKbSRJDgFwgRfGu4+vD35vxxwyIBcqSgM4FvvstnmmwvTawJH1hgWebdRWavGJUA+MD+B7Cc…
• selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMeEgiSJKVjwaR+j8QumdEMI2LrlAg2Zm+/F0tVD5qEmhq4jsdv+kyPSCg/cb+IzyAJ6rl+9t5eiRjT+6mBv…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
• mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
• smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://surfrider.eu/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (14)

• threads.net×2
• tiktok.com×2
• typeform.com×2
• facebook.com×2
• initiativesoceanes.org×2
• instagram.com×2
• linkedin.com×2
• oceancampus.eu×2
• oceanweek.eu×2
• surfrider.es×2
• surfriderfoundation.de×2
• threads.com×2
• agencegalopins.com×2
• surfrider.fr×1

Linked from (9)

• surfrider.fr×5
• naskigo.fr×2
• oceanweek.eu×2
• surfrider.es×2
• isosport.org×2
• oceancampus.eu×2
• ffessm.fr×2
• rgoods.com×1
• fondationlemarchand.org×1