southorange.org
HTML metadata
Technology
Third-party hosts loaded (1)
- docaccess.com×1
Contact
- Phone
Registration
- Registrar
- Wild West Domains, LLC
- Created
- 1999-12-21
- Expires
- 2028-12-21 947 days left
- Updated
- 2024-06-18
- Name servers
-
- ns15.domaincontrol.com
- ns16.domaincontrol.com
DNS records live
- NS
-
- ns15.domaincontrol.com
- ns16.domaincontrol.com
- MX
-
- 1 aspmx.l.google.com
- 10 aspmx2.googlemail.com
- 10 aspmx3.googlemail.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
Show 5 TXT records
cisco-ci-domain-verification=767749b4f3ed1e49aefaf401bc628e70ed1a97b8bb3a7b0a1ef8534a300776a60MS=BF6D518141396B23BB76594003310EBACE615CDCZOOM_verify_uqscaVJ4RJtIVYIZiDOLbHgoogle-site-verification=SeaAoM_h41rKLPOfEQ9Ozdby8wvUkd4RkCi86nVLmEo
Email authentication weak
- SPF
-
v=spf1 ip4:71.187.15.68 include:_spf.google.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8D0rM+5oiQ/NqSX23mX0keoTIlX9zFo/ILjzttvA3xoHW6+GvbWoRC172yTvAeQKiP0j79idUz7VJ…
selectors probed - google:
Certificate (current)
R12
Expires in 72 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *