indexo.dev

yorkshrm.org

.org crawl

First seen 2026-04-23 · Last seen 2026-05-13 · ok HTTP/1.1 200 2463 ms crawled 2026-05-17

US · 34.226.77.200 · AS14618 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

sector nonprofit type homepage

HTML metadata

Title
York Society for Human Resources - Home
Language
en

Technology

Third-party hosts loaded (3)

  • live-sf.wildapricot.org×6
  • sf.wildapricot.org×2
  • kit-pro.fontawesome.com×1

Social

Registration

Registrar
Wild West Domains, LLC
Created
2017-05-03
Expires
2027-05-03 349 days left
Updated
2026-05-04
Name servers
  • ns05.domaincontrol.com
  • ns06.domaincontrol.com

DNS records live

NS
  • ns05.domaincontrol.com
  • ns06.domaincontrol.com
MX
  • 0 yorkshrm-org.mail.protection.outlook.com
TXT
  • MS=ms34121056

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none; adkim=r; aspf=r;
policy: none (monitoring only)
DKIM
  • default: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC253hHpKGM8zz4RPrDj1gOGAQy1jFmFZRdXFdoqyDSpHS6UTOvwWnxZQAjFsuaSxnYPeNpJBDovY+gJ/jkHAlaGb3Ohkn…
selectors probed

Certificate (current)

R13
from 2026-05-09 to 2026-08-07
Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://yorkshrm.org/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
report-uri https://csp.uel.wildapricot.com/report; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.appointlet.com *.appointletcdn.com *.aptrinsic.com *.cloudflare.com *.cloudfront.net *.doubleclick.net *.ecomm.events *.ecwid.com *.elev.io *.facebook.com *.facebook.net *.fontawesome.com *.google.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.jaris.co *.jaris.com *.linkedin.com *.mcjobboard.net *.mybillsystem.com *.newrelic.com *.nr-data.net *.pagespeed-mod.com *.paypal.com *.termly.io *.twitter.com *.typekit.net *.uservoice.com *.vimeo.com *.wildapricot.com *.youtube.com *.zdassets.com *.zendesk.com *.zopim.com api.preczn.com caas-sf.wildapricot.org https://*.forethought.ai live-sf.wildapricot.org maps.googleapis.com onlinestore-prod-digital-products.s3.amazonaws.com sf.wildapricot.org vimeo.com widget-mediator.zopim.com wss://widget-mediator.zopim.com/; img-src * data: blob:; media-src * blob:; font-src * https://*.apt
strict-transport-security
max-age=31536000

Links to (4)

Linked from (1)