csctfl.org

.org crawl

First seen 2026-04-19 · Last seen 2026-05-13 · ok HTTP/1.1 200 17683 ms crawled 2026-05-13

US · 3.33.251.168 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Home
Language: en-US

Open Graph

url: https://www.csctfl.org/
title: Home
description: Welcome to Central States!

Technology

Server: ESF

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

lh3.googleusercontent.com×12
fonts.googleapis.com×2
www.gstatic.com×2
apis.google.com×1
www.googletagmanager.com×1

Registration

Registrar

GoDaddy.com, LLC

Created

2007-03-17

Expires

2027-03-17 301 days left

Updated

2024-06-11

Name servers

ns17.domaincontrol.com
ns18.domaincontrol.com

DNS records live

NS

ns17.domaincontrol.com
ns18.domaincontrol.com

MX

Show 6 MX records

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
15 l7bqmra7rgewgfo24pcnx2sowsibbjmgf7bubqtv66sbwqbgtisq.mx-verification.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

brevo-code:1f42d052a269e8aacec49ad2fddd6aac
google-site-verification=AT19m4zZfG9oz_KOvN-v5fvLzsOgOxcXbynEX7Fw56w

Email authentication partial

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpZFbdAs7CerJn/zB4S+iAx/7esH8x3RkVeVwAZ1wtvluzvVnZb42Ff8b2XxXox/08SwTateraZjIT…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

GoDaddy TLS Intermediate CA DV - R1v1

from 2026-03-21 to 2026-10-05

Expires in 138 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.csctfl.org

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
missing Permissions Policy

Header values

referrer-policy: origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-8opwhy-_xamfXUjsgnpw5g' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site

Links to (1)

google.com×2

Linked from (1)

nfmlta.org×2