haywardrec.org

.org crawl

First seen 2026-04-12 · Last seen 2026-05-19 · ok HTTP/1.1 200 1507 ms crawled 2026-05-04

US · 208.90.191.113 · AS36489 IP Pathways, LLC

Reputation 100/100

Classifying

HTML metadata

Title: Hayward Area Recreation and Park District, CA | Official Website
Language: en

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (3)

app-script.monsido.com×1
docaccess.com×1
www.googletagmanager.com×1

Contact

Phone

(510) 881-6700

Registration

Registrar

Network Solutions, LLC

Created

2000-04-05

Expires

2031-04-05 1780 days left

Updated

2026-01-26

Name servers

ns100.worldnic.com
ns99.worldnic.com

DNS records live

NS

ns100.worldnic.com
ns99.worldnic.com

MX

0 haywardrec-org.mail.protection.outlook.com

TXT

Show 8 TXT records

v=spf1 include:spf.protection.outlook.com include:mailgun.org include:spf.mailjet.com include:_s00285110.autospf.email ~all
hbmaq1cvtjqtl2bqupmbjm61uj
5fu4joanarnqo7ek4dal1m5bh7
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBYKNJ702tH/ynxp820jeE0J+wzZ4HB3ZAfYCVQ+KEacu2GvH4N+IzbH5mP72aRCmaK0GUXsEVjNv2HcC60Y319f4kJcBdf+jkBeHQCtNkyz708zTlhCmPUT/6UVcVpf5gLa3SNJsMY0lBIt1UwDtjnTThNoSOAQAsSzwc3bjEWQIDAQAB
4s46i5qflg1ksg2qeph52nkd7g
6svss6ubs58e921tbq5g7kt559
dc722svabnjovbj2reeq74ciok
6crvfdh1v48afftk7vqecaug6r

Verified for

Apple
Microsoft 365

Certificate (current)

R12

from 2026-03-24 to 2026-06-22

Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://haywardrec.org/

present

content-security-policy
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *

Links to (2)

activecommunities.com×2
civicplus.com×2

Linked from (2)

dmtarts.org×2
cookieshayward.com×2