indexo.dev

brighthorizonsfoundation.org

.org crawl

First seen 2026-04-16 · Last seen 2026-05-08 · ok HTTP/1.1 200 3002 ms crawled 2026-05-11

US · 40.83.138.97 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

sector nonprofit type homepage

HTML metadata

Title
Bright Horizons Foundation for Children | Bright Horizons Foundation for Children
Description
Bright Horizons employees, clients, families, and friends – all working together to create brighter futures for children and families in our communities.
Language
en

Open Graph

title
Bright Horizons Foundation for Children
description
Bright Horizons employees, clients, families, and friends – all working together to create brighter futures for children and families in our communities.

Technology

Cookie consent
  • OneTrust

Third-party hosts loaded (3)

  • cdn-ukwest.onetrust.com×1
  • kit.fontawesome.com×1
  • players.brightcove.net×1

Social

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2008-09-24
Expires
2026-09-24 128 days left
Updated
2024-09-25
Name servers
  • dns1.cscdns.net
  • dns2.cscdns.net

DNS records live

NS
  • dns1.cscdns.net
  • dns2.cscdns.net
MX
  • 10 custmx.cscdns.net
TXT
  • _2ymw2qg6svlmw0r4jbxhfzm0rp0oj8t
  • _3984ghaq8ftip6z9li1ak1d6fggp69c
  • _mmpta4aerxqyigr2rik4ydozw7aqiny

Email authentication weak

SPF
v=spf1 -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-02-26 to 2026-08-25
Expires in 98 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://brighthorizonsfoundation.org/

present
  • content-security-policy
  • x-frame-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://enterprise.legion.work https://uat.enterprise.legion.work; object-src 'none'; script-src 'nonce-teMa1HR5hYjSOM93yuDl97wVmuj6DowBWjFfOkFli/P98/Jb8fkp2xEWUMB2jm4dcUrSD5EXGfbH5gtZo+OmcA==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' 'self' https://maps.googleapis.com https://code.jquery.com https://www.googleadservices.com https://js.hsforms.net https://www.google-analytics.com https://static.hotjar.com https://kit.fontawesome.com https://platform.linkedin.com https://apis.google.com https://connect.facebook.net https://maps.google.com https://ajax.googleapis.com https://platform.twitter.com https://*.onetrust.com https://cdnjs.cloudflare.com https://*.brighthorizons.com https://cm.perf.brighthorizons.com https://perf.brighthorizons.com https://snap.licdn.com https://api.bhdts.com https://perfcmsapi.brighthorizons.com https://cmsapi.brighthorizons.com https://az-perf-wus2-cd.azurewebsites.net https://www.googletagmanager.com https://api.ipify.org/ https:/

Links to (5)

Linked from (1)