indexo.dev

avon.org

.org crawl

First seen 2026-04-15 · Last seen 2026-05-16 · ok HTTP/1.1 200 2281 ms crawled 2026-05-16

US · 207.38.76.111 · AS36489 IP Pathways, LLC

Reputation 100/100

Classifying

HTML metadata

Title
Avon, CO - Official Website | Official Website
Language
en

Technology

Server
Microsoft-IIS

Third-party hosts loaded (3)

  • docaccess.com×2
  • js.adsrvr.org×1
  • www.facebook.com×1

Social

Contact

Phone

Registration

Registrar
Network Solutions, LLC
Created
1997-03-13
Expires
2030-03-14 1394 days left
Updated
2025-02-16
Name servers
  • ns71.worldnic.com
  • ns72.worldnic.com

DNS records live

NS
  • ns71.worldnic.com
  • ns72.worldnic.com
MX
  • 10 mx1-us1.ppe-hosted.com
  • 20 mx2-us1.ppe-hosted.com
TXT
Show 4 TXT records
  • MS=ms95549835
  • QRCyLuyarQZmI1OiVvsDUxC6cUhTgSWEIuibOzrr/XhOhjTms979UGLhhmZnHp1bAW9Wu+wMeEnKfSsBBCMicA==
  • apple-domain-verification=iACKA2rbD1Q8gytw
  • duo_sso_verification=8GQYjqMW2Yd9tufbn5vt21ZWFmexoRwbqWCaBSmTQntazHrA2mfjgLKPedHQfQfn

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:sendgrid.net a:dispatch-us.ppe-hosted.com ip4:159.112.207.71 include:_spf.psm.knowbe4.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:huuwcyz9@ag.us.dmarcian.com, mailto:peiadmin@avon.org;
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnU79JkX9Z63f33oYMVIGPzlJtn4useQ63JL9J9jEqHUEfEfLWB4GYGtw/J8xtymR2IFxWb2/eQTTslxtdoR…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8oSw4rwXrLJCbKekJIcJIjiTvUpA5OrLXaOn29RRsNr4qKgZtOaxSXQWGpBdKoLD2pqHxdqJzsC0MT…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

R12
from 2026-04-21 to 2026-07-20
Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://avon.org/

present
  • content-security-policy
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *

Links to (5)

Linked from (1)