indexo.dev

northfieldil.org

.org crawl

First seen 2026-05-30 · Last seen 2026-05-30 · ok HTTP/1.1 200 1184 ms crawled 2026-05-31

US · 208.90.191.98 · AS36489 IP Pathways, LLC

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Northfield, IL | Official Website
Language
en

Technology

jQuery
3.7.1
Stack
ASP.NET

Third-party hosts loaded (2)

  • docaccess.com×1
  • static.ctctcdn.com×1

Contact

Phone

DNS records live

NS
  • ns65.worldnic.com
  • ns66.worldnic.com
MX
  • 10 d79924a.ess.barracudanetworks.com
  • 20 d79924b.ess.barracudanetworks.com
TXT
Show 4 TXT records
  • 4n4ci7o9o6qo9ejgn6u5utk5tm
  • FLPPMM5KIT6757T1RF82NCCQSV
  • 5v8gerb66g0eafd1j3cm0rk2e2
  • 98e21ca735ad4f5ab63db71da28fa322
Verified for
  • Microsoft 365

Email authentication weak

SPF
v=spf1 ip4:206.40.36.146 include:spf.protection.outlook.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

YR2
from 2026-05-31 to 2026-08-29
Expires in 87 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://northfieldil.org/

present
  • content-security-policy
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *

Links to (1)

Linked from (1)