sjcparks.org
sjcparks.org
HTML metadata
Technology
- Server
- Microsoft-IIS
- jQuery
- 3.7.1
- Stack
- ASP.NET
Third-party hosts loaded (3)
- app-script.monsido.com×1
- docaccess.com×1
- www.facebook.com×1
Social
Contact
DNS records live
- NS
-
- ns43.worldnic.com
- ns44.worldnic.com
- MX
-
- 0 sjcparks-org.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 mx include:spf.protection.outlook.com include:spfa.cpmails.com -allstrict (-all) - DMARC
-
v=DMARC1;p=none;rua=mailto:dmarcreports@sjcindiana.com;ruf=mailto:dmarcreports@sjcindiana.com,mailto:eb0369aa62@ruf.easydmarc.us;ri=86400;fo=1;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC26Si1LcEIongyxN4RKCv0rwqxqaIZR3bJX8kY+3hEJENWQAmGYbD7NeBgKyrT+uAaxsg+QzdHo3Qz04w2Gj… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX34RH+XtWsiUlTNeSP+wqem8se69zp5myBhkqiqYoG876uKA2wm4NFx93e+z7g/e6VSn7VQLfN8OP…
selectors probed - selector1:
Certificate (current)
YR2
Expires in 88 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *
Links to (10)
Linked from (1)
- wnit.org×1