acctofi.com

HTML metadata

Title: Home
Language: en
Generator: Sitefinity 15.2.8430.0 DX
Canonical: https://www.acctofi.com

Open Graph

url: https://www.acctofi.com
title: Home
site name: * acctofi.com

Technology

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

placehold.co×9
cdn.jsdelivr.net×3
fonts.googleapis.com×2
fonts.gstatic.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

EnCirca, Inc.

Created

2024-07-25

Expires

2027-07-25 432 days left

Updated

2025-03-04

Name servers

standard3.encirca.net
standard4.encirca.net

DNS records live

NS

standard3.encirca.net
standard4.encirca.net

MX

0 acctofi-com.mail.protection.outlook.com

TXT

MS=ms66652847
monday-com-verification=KN8ebVVHO4BRM7s7VXvq8V02jNk9kGMeKE7vrUVJu00

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s

policy: reject (enforced) · sp=reject

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Q0WGtopCgVYCtSG29K09qHb5L6NF4DeNGCeCioLEHsLwzHFbTkRhO8wlAGxMDvgcTHwaBCp6DzRPr…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FBHSyBw0Bp+PYD6ji9zn+uFZ7YeDtZF3asnQEyS3lB2+4Qh9IHLw69sm198rYiM+9OiAkWqKbhoSz…

selectors probed

Certificate (current)

R13

from 2026-04-05 to 2026-07-04

Expires in 47 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.acctofi.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com www.google.com apis.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://*.googletagmanager.com cdnjs.cloudflare.com *.tx.cpa *.acctofi.com *.a https://api.tx.cpa https://txcpawebjob.azurewebsites.net *.olark.com *.feathr.co *.licdn.com *.ads-twitter.com https://cdn.jsdelivr.net *.txcpa.live *.algolia.net https://static.ctctcdn.com https://googleads.g.doubleclick.net *.matrixdev.net https://cdn.informz.net https://secure.bluepay.com 'unsafe-inline' 'unsafe-eval' cdn.ampproject.org https://cdn.insight.sitefinity.com https://dec.azureedge.net https://player.vimeo.com/api/player.js https://www.youtube.com/iframe_api web-chat.nativechat.com; style-src 'self' *.googleapis.com *.gstatic.com net
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin

Links to (10)

Linked from (1)

4impactdata.com×1