indexo.dev

nebf.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-18 · ok HTTP/1.1 200 2536 ms crawled 2026-05-06

US · 12.53.28.138 · AS27482 American Eagle Computer Products, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
National Electrical Benefit Funds | NEBF
Description
SiteStartup Description
Language
en

Registration

Registrar
Network Solutions, LLC
Created
1998-03-03
Expires
2031-03-02 1748 days left
Updated
2026-01-01
Name servers
  • ns1.americaneagle.com
  • ns2.americaneagle.com

DNS records live

NS
  • ns-1230.awsdns-25.org
  • ns-1955.awsdns-52.co.uk
  • ns-334.awsdns-41.com
  • ns-944.awsdns-54.net
MX
  • 15 d329051a.ess.barracudanetworks.com
  • 20 d329051b.ess.barracudanetworks.com
TXT
Show 10 TXT records
  • duo_sso_verification=GcAuIq45CWO8CcL0jvpVyO2cUjCyPVCZriuFEGtxnJxvhA0TigmPopJa2whXS1hF
  • duo_sso_verification=kGcBaOkbAkycgNEDsrqBowZunThZFDR73G29UNHbuFY2X5HruzPVPUeR4Toy8f5k
  • fh0h775zf85l4nf4hqxwnymg9dg2vxrh
  • google-site-verification=HS7yuWigURjLFjBgy6n6wLS-QPnAxTYBsNczUSu3OQk
  • iContact1071417
  • 1mkdtyr2sxlvcbhqrrv9nvrkb48mb8nt
  • 6e65214e3e926ae7e004c46054053810
  • MS=190D292909A9EF4945128D29A35EAB7596D24BC6
  • _kzammf0xgz09xrc98imhcebdt0nncck
  • _rjtnsh7u9twr27j872shu8bqnw26biz

Email authentication strong

SPF
v=spf1 mx ip4:12.4.33.34 ip4:12.4.33.45 a:mb1.nebf.com include:spf.ess.barracudanetworks.com include:spf.hosting.americaneagle.com include:emailus.freshservice.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc@nebf.com,mailto:dmarc_agg@vali.email
policy: quarantine
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2025-09-17 to 2026-10-16
Expires in 150 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.nebf.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://www.googletagmanager.com https://player.vimeo.com https://www.google.com https://www.gstatic.com; img-src 'self' https://ssl.google-analytics.com; frame-src 'self' https://api-d32f1f3c.duosecurity.com https://www.youtube.com https://player.vimeo.com https://www.google.com;

Linked from (7)