trustuscotton.org

HTML metadata

Title

Home | Trust US Cotton Protocol

Description

The U.S. Cotton Trust Protocol is the voluntary field-level sustainability program and traceability platform for U.S. Cotton. Learn more about the environmental data, supply chain traceability, and continuous improvement.

Language

en-US

Generator

Elementor 4.0.8; features: e_font_icon_svg, additional_custom_breakpoints; settings: css_print_method-internal, google_font-enabled, font_display-auto

Canonical

https://trustuscotton.org/

Feeds

Open Graph

url: https://trustuscotton.org/
title: Home | Trust US Cotton Protocol
locale: en_US
site name: Trust US Cotton Protocol
description: The voluntary, field-level sustainability program and traceability platform for U.S. Cotton Explore the Program Driving environmental data, supply ...

Technology

CDN: Cloudflare
CMS: WordPress

Cookie consent

Iubenda

Fonts

Google Fonts

Third-party hosts loaded (4)

fonts.googleapis.com×3
cdn.iubenda.com×1
fonts.gstatic.com×1
gmpg.org×1

Social

DNS records live

NS

ns-1008.awsdns-62.net
ns-1309.awsdns-35.org
ns-1845.awsdns-38.co.uk
ns-81.awsdns-10.com

MX

0 trustuscotton-org.mail.protection.outlook.com

TXT

MS=ms58421955
facebook-domain-verification=67hi3scup33dr0b5b9zmiaipf6jrl3
google-site-verification=qjl3Xby2ZUvuTTw0zGmOvTWbYggy6sjilKtT7bMCbDg

Email authentication strong

SPF

v=spf1 mx include:spf.protection.outlook.com include:sendgrid.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@theseam.com,mailto:dmarc_agg@vali.email; ruf=mailto:dmarc@theseam.com

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3dbUpSNnkua10A/4mOrpej6QzrfFLl/3r3Wd56QfqePhU0OTEbhcRIGfpig7oJTHX4S+c9+V1fRD0WipVdu…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMLuwPemFplyHY2QmBkgTawrJ8GsW9VZ/TqmQrXp2vR9v9+YhUEnx9XxLTI5EO/9N4qg9xzv41gq4GYNONDN…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQhV9lpnLTSVKjn4XBtOLidOS27GmShXV9kTFcWPB2f1kZQJRdDMPtaOBfGfxuvSFONVhzn4XyBdAPxv2e…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDwNxlg5QrdsaFumAqSrS96pLREfjdWJtEISO+vvwuMXanx8VqYEqwJQQXoEVteblchAGUdPGclRU9W194epsQQVA…

selectors probed

Certificate (current)

WE1

from 2026-05-01 to 2026-07-30

Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://trustuscotton.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' theseam.com *.theseam.com trustuscotton.org *.trustuscotton.org; img-src 'self' data: *.theseam.com trustuscotton.org *.trustuscotton.org assets.elementor.com library.elementor.com maps.googleapis.com ps.w.org secure.gravatar.com www.dtn.com www.google-analytics.com www.googletagmanager.com; font-src 'self' data: trustuscotton.org *.trustuscotton.org fonts.gstatic.com s0.wp.com use.fontawesome.com use.typekit.net; style-src 'self' 'unsafe-inline' trustuscotton.org *.trustuscotton.org cdnjs.cloudflare.com cloud.typography.com fonts.googleapis.com p.typekit.net use.fontawesome.com use.typekit.net; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' accounts.google.com analytics.wpmucdn.com apis.google.com cdn.iubenda.com cdn.jsdelivr.net cdnjs.cloudflare.com cs.iubenda.com maps.googleapis.com unpkg.com www.google.com www.google-analytics.com www.googletagmanager.com www.gstatic.com www.youtube.com; frame-src 'self' brainstormforce.github.io
strict-transport-security: max-age=31536000; includeSubDomains

Links to (9)

Linked from (1)

cotton.org×1