ehsny.org

HTML metadata

Title

Endeavor Health Services - Your Wellness, Our Mission

Description

Endeavor Health Services is here for you, every step of the way. Your wellness is our mission, and we offer a variety of services to help you on your way.

Language

en-US

Generator

Powered by WPBakery Page Builder - drag and drop page builder for WordPress.

Canonical

https://www.ehsny.org/

Feeds

Endeavor Health Services » Feed RSS

Technology

CDN: Cloudflare
CMS: WordPress
jQuery: 3.7.1

Fonts

Google Fonts

Third-party hosts loaded (1)

fonts.googleapis.com×3

Social

Contact

Email

recordrequests@ehsny.org

Registration

Registrar

Network Solutions, LLC

Created

2014-10-09

Expires

2033-10-09 2697 days left

Updated

2024-10-04

Name servers

ns1.buffalowebhosting.com
ns2.buffalowebhosting.com

DNS records live

NS

ns1.buffalowebhosting.com
ns2.buffalowebhosting.com

MX

0 ehsny-org.mail.protection.outlook.com

TXT

Show 5 TXT records

mlrcm5hf0lhtk2gnjph746tek7
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoY8od7MocBNAxjrH61+pUAXUNOsz87gmoLEDQrmD7Rrc5ET1Ki93GSLtgJdJ+qAfnQNMnbZYgKqq12DOj8FYVpQtAJYqAo1K3RlXOxoAxbH2/3cVYbPCxH9NE8431hhpyZeCVaWRyN+dXIKQVJeneYy0yZv/eUxU7rkZuyK3jWwIDAQAB
sherpadesk.azurewebsites.net
solarwinds-service0desk-verification=8440df93b582cd0a94a2d8b68cdd884a
f76u3rjifi1uk3a3pd41bls5kj

Verified for

Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.psm.knowbe4.com include:mailgun.org include:_spf01.mykronos.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc@ehsny.org; ruf=mailto:dmarc@ehsny.org; fo=1

policy: quarantine

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YRryDxPfABhBZLERc8EItPGjFb95FcPerWgI4JX05XZh362gaEAhx4BCHNfg9GOqx8yvqfihembVT…

selectors probed

Certificate (current)

E7

from 2026-05-04 to 2026-08-02

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.ehsny.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' * data: fonts.gstatic.com fonts.googleapis.com www.googletagmanager.com fonts.gstatic.com; img-src 'self' 'unsafe-inline' * data: ; media-src * 'self' 'unsafe-inline' www.ehsny.org youtube.com www.youtube.com; script-src * www.ehsny.org 'self' 'unsafe-inline' 'unsafe-eval' youtube.com www.youtube.com googletagmanager.com www.googletagmanager.com connect.facebook.net;
strict-transport-security: max-age=63072000

Links to (8)

Linked from (1)

healthcareaicommitments.com×2