shastahealth.org

HTML metadata

Technology

Server

nginx

CMS

Drupal

Analytics

• Google Tag Manager

Third-party hosts loaded (3)

• www.skynettechnologies.com×2
• maxcdn.bootstrapcdn.com×1
• www.googletagmanager.com×1

Social

• linkedin
• twitter
• facebook
• instagram

DNS records live

NS

• ns75.worldnic.com
• ns76.worldnic.com

MX

• 10 d117396a.ess.barracudanetworks.com
• 20 d117396b.ess.barracudanetworks.com

TXT

Show 5 TXT records

• duo_sso_verification=8gfCZ1fNG0nNsvvUlj4kpVZTX0qQD5ZqjyLtf5Varu2qIsWqhITRbEk8oeRDyyZq
• yd8fmf1dp8qjy4bsmpggndq0d30v99wv
• I9/kS9ahNsALiSS4aRN6UAPBffjbo9PxUAyufWrceLZsT496VnHbiyCgZQ4d8RcI5o5wFfds7VeC8mTJjyZ2ZA==
• 34cx60zrnk3pjp2kglxbxp0vl77dl166
• bw=gI5SQZibyvsCYVtRtyFFWrWivSzcI0zHuTqgW2hIzynD

Verified for

• Adobe
• Cisco
• Google
• Microsoft 365
• Zoom

Email authentication strong

SPF

v=spf1 ip4:216.31.227.131 include:spf.protection.outlook.com include:spf.cloud.mip.com include:email.freshservice.com include:spf.ess.barracudanetworks.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc@shastahealth.org,mailto:rua+shastahealth.org@dmarc.barracudanetworks.com; ruf=mailto:dmarc@shastahealth.org,mailto:ruf+shastahealth.org@dmarc.barracudanetworks.com

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDElrkuUIuzKtjJCb60XARhIwJ7Lkot9ylpfjIOQJjToo4brhFz9cmsQVEXn3xf0fyLy9Xn6GcrQhW9H5BAV7…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://shastahealth.org/

present

• x-frame-options
• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• twitter.com×1
• linkedin.com×1
• instagram.com×1
• google.com×1
• facebook.com×1

Linked from (2)

• shastaess.org×1
• shastacoe.org×1