ahcancal.org

HTML metadata

Title: AHCA/NCAL
Description
Language: en-US
Generator: Microsoft SharePoint
Canonical: https://www.ahcancal.org:443/Pages/default.aspx

Open Graph

url: https://www.ahcancal.org/Pages/default.aspx
title: AHCA/NCAL
description

Technology

Server: Microsoft-IIS

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (4)

www.googletagmanager.com×3
fonts.googleapis.com×2
s7.addthis.com×1
www.youtube.com×1

Social

Contact

Phone

Address

Street NW, Suite 400Washington, DC 20001

Registration

Registrar

Register.com - Network Solutions, LLC

Created

2005-07-27

Expires

2026-07-27 68 days left

Updated

2025-07-02

Name servers

ns.rackspace.com
ns2.rackspace.com

DNS records live

NS

ns.rackspace.com
ns2.rackspace.com

MX

10 us-smtp-inbound-1.mimecast.com
10 us-smtp-inbound-2.mimecast.com

TXT

Show 7 TXT records

autodiscover.outlook.com
vettqjh2e5lrm0euf06u2d0f6f
v9dcqj75v63gzl59fgvy6sk7cxgkm140
ik5gpui5mp40hffqn0mcsh71s7
google-site-verification=xwHrXnWjBE9doAj5RB4Z3IvPxTZ3IOnN9KTsgNSoPhA
MS=ms10562941
0ed1fe018ac4d118f17c5443bb92c58e82d7dd7270

Email authentication strong

SPF: v=spf1 include:spf.protection.outlook.com include:us._netblocks.mimecast.com include:_spf.votervoice.net include:_spf.gocadmium.com ip4:156.70.25.197 ~all
softfail (~all)
DMARC: v=DMARC1; p=none; rua=mailto:5d4cee939068693@rep.dmarcanalyzer.com; ruf=mailto:5d4cee939068693@for.dmarcanalyzer.com; fo=1;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2025-12-01 to 2026-11-27

Expires in 191 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.ahcancal.org/Pages/default.aspx

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com;, default-src 'self'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' s7.addthis.com static.hotjar.com script.hotjar.com members.ahcancal.org www.google.com www.gstatic.com www.youtube.com fonts.googleapis.com www.googletagmanager.com tagmanager.google.com www.google-analytics.com ssl.google-analytics.com www.googleadservices.com ajax.googleapis.com safebrowsing.googleapis.com analytics.google.com connect.facebook.net analytics.tiktok.com googleads.g.doubleclick.net z.moatads.com v1.addthisedge.com m.addthis.com edge.addthis.com polo.feathr.co cdn.feathr.co widget.surveymonkey.com banman.providermagazine.com banman.ahcancal.org platform.twitter.com cdn.syndication.twimg.com; object-src
strict-transport-security: max-age=31536000