stackpeek
← back to leaderboard

audit report

Ghost

https://ghost.org · publishing

warn
scanned 2026-04-16 23:36:57 utc permalink · /audit/ghost

Ghost loaded 18 third-party domain(s), of which 3 are privacy-sensitive. 1 warn finding(s): No privacy policy found. Privacy-sensitive vendors observed: Twitter/X, Twitter/X Ads Pixel, Twitter/X short URL.

findings

  1. warn

    No privacy policy found

    stackpeek could not discover a privacy policy for this page. This is unusual for anything serving real users.

    how we detected this →
  2. note

    Twitter/X Ads Pixel loaded (advertising)

    Observed 1 time(s) on the page.

    
            CSP: https://static.ads-twitter.com
    how we detected this →
  3. note

    Twitter/X short URL loaded (social)

    Observed 1 time(s) on the page.

    
            CSP: https://t.co
    how we detected this →
  4. note

    Twitter/X loaded (social)

    Observed 1 time(s) on the page.

    
            CSP: https://ads-api.twitter.com/
    how we detected this →

third parties observed

vendor domain category hits disclosure
Twitter/X twitter.com social 1 not named
Twitter/X Ads Pixel ads-twitter.com advertising 1 not named
Twitter/X short URL t.co social 1 not named
Algolia algolia.net api 1 not named
Algolia algolianet.com api 1 not named
Netlify netlify.com hosting 1 not named
ahrefs.com ahrefs.com other 3 not named
churnbuster.io churnbuster.io other 1 not named
cloudflarestream.com cloudflarestream.com other 3 not named
dub.co dub.co other 1 not named
dubassets.com dubassets.com other 1 not named
dubcdn.com dubcdn.com other 2 not named
esm.sh esm.sh other 1 not named
firstpromoter.com firstpromoter.com other 2 not named
ghbtns.com ghbtns.com other 2 not named
laravel.cloud laravel.cloud other 1 not named
nsvcs.net nsvcs.net other 1 not named
zencdn.net zencdn.net other 2 not named

policy claims

No privacy policy could be located on this site.

response headers

hsts
yes
csp
yes
server
Netlify

run this yourself

Every audit on this site is reproducible. Install stackpeek and run the same check against https://ghost.org from your own machine — the tool is MIT-licensed and runs locally. 

pip install stackpeek
stackpeek audit https://ghost.org

source on GitHub · methodology · cli docs

provenance

This audit was generated by running stackpeek against https://ghost.org from a public IP, using only HTTP GET and standard browser headers. The findings compare the observed HTML against the policy discovery results (no policy document was located) using the public methodology. Re-scans append new findings at new permalinks and never overwrite the historical record.