marcon.org

.org ok HTTP/1.1 200 652 ms

First seen 2026-05-31 · Last seen 2026-06-15 · crawled 2026-06-15

US · 198.185.159.145 · AS53831 Squarespace, Inc.

Reputation 92/100 no dmarc policy

sector home type landing page

HTML metadata

Title: Home
Language: en-US

Open Graph

url: https://www.marcon.org/
title: Home
description: What is going on with Marcon?

Technology

Server: ESF

Fonts

Google Fonts

Third-party hosts loaded (4)

lh3.googleusercontent.com×8
fonts.googleapis.com×4
www.gstatic.com×2
apis.google.com×1

DNS records live

NS

ns-cloud-a1.googledomains.com
ns-cloud-a2.googledomains.com
ns-cloud-a3.googledomains.com
ns-cloud-a4.googledomains.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Email authentication weak

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

not published

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn63PaZiNpbU5YmVOuCd/xYqHLKyDZIim3sJ+JyirFKa0y0LnKUvJ5nvK2/7CxE77NEBpEEnnFMNhBI…

selectors probed

Certificate (current)

R13

from 2026-05-07 to 2026-08-05

Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.marcon.org/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
missing Permissions Policy

Header values

referrer-policy: origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-_X4-tYqpK4Hz-Rb8JbhcQg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site

Links to (2)

google.com×2
freepik.com×2

Linked from (1)

addiejking.com×2

Use this data via API

Everything on this page for marcon.org is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/marcon.org" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →

Add a badge to your site

Own marcon.org? Show it's tracked on indexo.dev and link visitors straight to this page.

<a href="https://indexo.dev/marcon.org" target="_blank" rel="noopener">
  <img src="https://indexo.dev/marcon.org/badge.svg" alt="indexo.dev — marcon.org">
</a>