treasurehealth.org

HTML metadata

Technology

Server

Microsoft-IIS

Analytics

• Google Tag Manager

Third-party hosts loaded (3)

• dev.visualwebsiteoptimizer.com×1
• docaccess.com×1
• www.googletagmanager.com×1

Social

• youtube
• instagram
• linkedin

Contact

Phone

• 1-772-403-4500

Registration

Registrar

GoDaddy.com, LLC

Created

2014-04-05

Expires

2027-04-05 319 days left

Updated

2026-04-06

Name servers

• ns41.domaincontrol.com
• ns42.domaincontrol.com

DNS records live

NS

• ns41.domaincontrol.com
• ns42.domaincontrol.com

MX

• 10 d242545a.ess.barracudanetworks.com
• 20 d242545b.ess.barracudanetworks.com

TXT

• v=verifydomain MS=5302528
• EIX7CKX0SAL1PELA8F4CR6AS2WV7O0M0SD45E0AQ2
• MS=4B061FAF6BCB82E38B4F4169AAD2EAE452B1DC2D

Email authentication strong

SPF

v=spf1 mx ip4:40.86.217.129/30 ip4:18.220.94.28 ip4:205.138.0.0/15 ip4:96.66.209.253/32 ip4:66.203.140.48/29 ip4:208.185.229.0/24 ip4:208.185.235.0/24 ip4:148.59.108.0/23 ip4:148.59.106.0/23 include:ca-emailsignatures-cloud.codetwo.com include:finalsiteconnect.com include:outboundmail.blackbaud.net include:spf.constantcontact.com include:servers.mcsv.net include:ess.barracudanetworks.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:re+e4erc3yuzvj@dmarc.postmarkapp.com; sp=none; aspf=r;

policy: quarantine · sp=none

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://treasurehealth.org/

present

• content-security-policy
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• civicplus.com×2
• instagram.com×2
• linkedin.com×2
• livechat.com×2
• youtu.be×1

Linked from (3)

• kylegrestaurants.com×2
• tcbusiness.com×1
• indianrivermagazine.com×1