brta-ok.org

.org crawl

First seen 2026-04-12 · Last seen 2026-05-20 · ok HTTP/1.1 200 6240 ms crawled 2026-05-20

US · 69.16.239.247 · AS32244 Liquid Web, L.L.C

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Bartlesville Redevelopment Trust Authority | BRTA-OK.org
Description: Bartlesville Redevelopment Trust Authority, encouraging economic and community growth through renovation and new construction.
Language: en
Canonical: https://www.brta-ok.org/

Open Graph

url: https://www.brta-ok.org/
title: Bartlesville Redevelopment Trust Authority
locale: en_US
site name: BRTA-OK.org
description: Bartlesville Redevelopment Trust Authority, encouraging economic and community growth through renovation and new construction.

Technology

Server: Apache
Stack: PHP

Analytics

Google Analytics
Google Tag Manager

Fonts

Adobe Fonts
Google Fonts

Third-party hosts loaded (9)

fonts.googleapis.com×3
fonts.gstatic.com×2
ajax.googleapis.com×1
maps.googleapis.com×1
themes.googleusercontent.com×1
use.typekit.net×1
www.google-analytics.com×1
www.googletagmanager.com×1
www.youtube.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2015-06-25

Expires

2026-06-25 35 days left

Updated

2024-07-10

Name servers

ns17.website-server.net
ns19.website-server.net

DNS records live

NS

ns17.website-server.net
ns19.website-server.net

MX

0 mail.brta-ok.org

Email authentication partial

SPF

v=spf1 +a +mx +ip4:69.16.238.5 +ip4:69.16.239.247 ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:cda8ab1e@mxtoolbox.dmarc-report.com; ruf=mailto:cda8ab1e@forensics.dmarc-report.com; fo=1

policy: none (monitoring only)

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cjk1OV+VxELa7w2ln649PCNbXOVj8dkC0nMzFQg3814JX8ajANu2Jw4RrAfqJo3fXLeHDUx/ZUMRS…

selectors probed

Certificate (current)

R12

from 2026-04-12 to 2026-07-11

Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.brta-ok.org/

present

content-security-policy
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self' *.youtube.com *.vimeo.com *.googleapis.com *.gstatic.com *.google-analytics.com *.google.com stats.g.doubleclick.net *.facebook.com *.typekit.net *.authorize.net smarticon.geotrust.com; script-src 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.google.com stats.g.doubleclick.net *.facebook.com *.typekit.net smarticon.geotrust.com *.authorize.net; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.facebook.net *.facebook.com *.typekit.net use.typekit.net; img-src 'self' data: blob: about: *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.ytimg.com feedburner.google.com maps.google.com stats.g.doubleclick.net *.typekit.net *.facebook.com *.w3.org b.scorecardresearch.com pixel.mathtag.com *.addnxs.com *.mookie1.com *.authorize.net *.geotrust.com; media-src 'self' *.youtube.com; frame-src 'self' *.youtube.com *.vimeo.com *.facebook.net *.facebook.com cse.google.com

Links to (2)

coppercupimages.com×3
instagram.com×3

Linked from (1)

cityofbartlesville.org×3