dalycity.org

HTML metadata

Technology

jQuery

3.7.1

Stack

ASP.NET

Third-party hosts loaded (2)

• answers-script.frase.io×1
• docaccess.com×1

Social

• twitter
• instagram

Contact

Phone

• 6509918000

DNS records live

NS

• ns-1453.awsdns-53.org
• ns-1929.awsdns-49.co.uk
• ns-504.awsdns-63.com
• ns-525.awsdns-01.net

MX

• 0 dalycity-org.mail.protection.outlook.com

TXT

• 77lb4qda8dl8cg4re7k37r8dl4
• MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCz6iUhvoi4xWGPQYMzm6KdhzeDGGLtMQoGqqDFuGC6LXJCTUxEUi+BBPGesYvPYIfGMo7sQFAqQlITY/qvvgEx6PsSJwsFgFXFEssr1K6KirWFh6mjv0QNAitcJsbsyqKfPxp0gnIFQ0vclJECLYeLew

Verified for

• Apple
• Microsoft 365
• Zoom

Email authentication strong

SPF

v=spf1 ip4:76.14.93.48/32 include:spf.protection.outlook.com include:_spf.smtp.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc_rua@dalycity.org,mailto:o7yur68bf0@rua.powerdmarc.com; ruf=mailto:dmarc_ruf@dalycity.org; fo=1

policy: quarantine

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfm17VlLKrYezCMOD2ppGquq77Z93WxiOk/pg+C827g37CJwmihqITX+qR5ItH9HKdz6pUrJYTS/WHgiywE9…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiO9KlLE6RnpmMM3sbVHykXOUYgODWOBdPZHVcO9kusaN12Arazjtldw2Ukda4XbsAC4hXhqo7qDSZ…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://dalycity.org/

present

• content-security-policy
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• twitter.com×1
• nextdoor.com×1
• municode.com×1
• instagram.com×1
• civicplus.com×1

Linked from (2)

• union-door.com×1
• dalycityconcreteservices.com×1