indexo.dev

mhgportal.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-13 · ok HTTP/1.1 200 1312 ms crawled 2026-05-13

CA · 40.86.230.96 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Home
Description
Home
Language
en-US

Technology

CMS
Ghost
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2014-06-19
Expires
2026-06-19 29 days left
Updated
2025-06-19
Name servers
  • ns1-02.azure-dns.com
  • ns2-02.azure-dns.net
  • ns3-02.azure-dns.org
  • ns4-02.azure-dns.info

DNS records live

NS
  • ns1-02.azure-dns.com
  • ns2-02.azure-dns.net
  • ns3-02.azure-dns.org
  • ns4-02.azure-dns.info
MX
  • 0 mhgportal-com.mail.protection.outlook.com
Verified for
  • Microsoft

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=reject;
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9vO56A0pITJO6q6CMy24SHpIFeHVKp6qqbq02cDwnNbWFycjLljdSvigEAcdyob8XYFY/iT9tu2ohGTua1k…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVanplM36Xm3Z4tSCywze4BsjOA2QAUr8LVNHLWzjKQULH8jY65+VB0aI+tVD7JuZ9zXrVRSgMXjStBqnV5Q…
selectors probed

Certificate (current)

R13
from 2026-04-20 to 2026-07-19
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://mhgportal.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; script-src 'self' mhgportal.com dnn506yrbagrg.cloudfront.net apis.google.com googleads.g.doubleclick.net www.google.com www.googletagmanager.com www.google-analytics.com www.gstatic.com stats.g.doubleclick.net cdnjs.cloudflare.com 'unsafe-inline' 'unsafe-eval'; worker-src blob:; connect-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net analytics.google.com; style-src 'self' 'unsafe-inline' mhgportal.com fonts.googleapis.com cdnjs.cloudflare.com; img-src * data:;media-src 'none';font-src data: 'self' fonts.gstatic.com www.google.com fonts.googleapis.com cdnjs.cloudflare.com; frame-ancestors 'self'; frame-src 'self' www.facebook.com www.google.com www.googletagmanager.com gettingstarted.2sxc.org 2sxc.org
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (2)