indexo.dev

midpennbank.com

.com crawl

First seen 2026-04-15 · Last seen 2026-05-19 · ok HTTP/1.1 200 1017 ms crawled 2026-05-11

US · 67.225.129.253 · AS32244 Liquid Web, L.L.C

Reputation 95/100 weak security headers

sector finance type homepage

HTML metadata

Title
Community First Banking | Mid Penn Bank
Description
Mid Penn Bank offers a range of personal and business services to fit your banking and investment needs. Learn more about banking, loan rates & other services.
Language
en
Generator
WP Rocket 3.20.5
Canonical
https://midpennbank.com/

Open Graph

url
https://midpennbank.com/
title
Community First Banking | Mid Penn Bank
locale
en_US
site name
Mid Penn Bank
description
Mid Penn Bank offers a range of personal and business services to fit your banking and investment needs. Learn more about banking, loan rates & other services.

Technology

Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager
Ads
  • Meta Pixel
Fonts
  • Google Fonts
Third-party hosts loaded (10)
  • fonts.googleapis.com×4
  • www.google.com×2
  • acsbapp.com×1
  • connect.facebook.net×1
  • fonts.gstatic.com×1
  • script.crazyegg.com×1
  • snap.licdn.com×1
  • t.marketingcloudfx.com×1
  • www.googletagmanager.com×1
  • www.gstatic.com×1

Social

Contact

Email
Phone

Registration

Registrar
Network Solutions, LLC
Created
1997-03-31
Expires
2027-04-01 316 days left
Updated
2023-12-10
Name servers
  • meera.ns.cloudflare.com
  • nash.ns.cloudflare.com

DNS records live

NS
  • meera.ns.cloudflare.com
  • nash.ns.cloudflare.com
MX
  • 10 mxa-006bd101.gslb.pphosted.com
  • 10 mxb-006bd101.gslb.pphosted.com
TXT
Show 5 TXT records
  • intersight=de0539ede48a044d4636fa8389017e44a8507d614865a6dcdde264888029da5a
  • nintex.5e9dace0a5d4b00c8860410e
  • nn40jp0uf6svcdbsu14jbepeiv
  • 1vgukfeu35c7pi8h7qcqtp29ib
  • 5knsoebvsia5dcpha57s1vo326
Verified for
  • Anthropic
  • Apple
  • Cisco
  • DocuSign
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:_spf.midpennbank_com._d.easydmarc.pro -all
strict (-all)
DMARC
v=DMARC1;p=reject;pct=100;rua=mailto:b5a9aa87b3@rua.easydmarc.us;ruf=mailto:b5a9aa87b3@ruf.easydmarc.us;ri=86400;fo=1;
policy: reject (enforced)
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDwloNV9f0+apdjMSxMwlju+moOFHa99LD+ESBltvY/t0sr+oNUUMivZNU6h78W1lhBBDJ8zMiLdrDm92bEV6…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhfjRz9LbIu7PSXZ8W0LaokldoYbd/ZDbfXMuH52Woci8hhcLuDQv/r1Q75SycNk6s5wCJv75+9radaRhu…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDE+WP3kVzBoOSj9xbKE7k3Q2Rqhh9pR2aeQ8809BEX4HceM5j15n/VA4XYC/vonpKbzY9xgIs07pxQuyUceUmDoY…
selectors probed

Certificate (current)

R13
from 2026-04-27 to 2026-07-26
Expires in 67 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://midpennbank.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self'; script-src 'self' https://www.google.com https://www.gstatic.com https://*.googleapis.com https://maps.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://connect.facebook.net https://snap.licdn.com https://platform.twitter.com https://static.cloudflareinsights.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://t.marketingcloudfx.com https://acsbapp.com https://*.acsbapp.com https://script.crazyegg.com https://cdn.acsbapp.com https://*.onlinebanktours.com https://*.fisglobal.com https://midpennstaging.webpagefxstage.com 'unsafe-inline' 'unsafe-eval'; worker-src blob:; style-src 'self' https://fonts.googleapis.com https://tagmanager.google.com https://*.onlinebanktours.com https://*.fisglobal.com https://cdn.jsdelivr.net 'unsafe-inline'; img-src 'self' data: https: https://www.google-analytics.com https://www.googletagmanager.com https://maps.googleapis.c

Links to (8)

Linked from (4)