indexo.dev

agawatrain.com

.com crawl

First seen 2026-05-29 · Last seen 2026-06-01 · ok HTTP/1.1 200 260 ms crawled 2026-05-31

US · 192.0.66.239 · AS2635 Automattic, Inc

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Agawa Canyon Tour Train | Train Rides through Northern Ontario
Description
Agawa Canyon Tour train tickets available for purchase now for this year’s tour season running Aug. 1st through Oct. 10th. Book your ticket online today!
Language
en-US
Canonical
https://agawatrain.com/

Open Graph

url
https://agawatrain.com/
title
Agawa Canyon Tour Train | Train Rides through Northern Ontario
site name
Agawa Canyon Tour Train
description
Agawa Canyon Tour train tickets available for purchase now for this year’s tour season running Aug. 1st through Oct. 10th. Book your ticket online today!

Technology

Server
nginx
CMS
WordPress
jQuery
3.6.0

Third-party hosts loaded (3)

  • cdnjs.cloudflare.com×2
  • fareharbor.com×1
  • stats.wp.com×1

Social

Contact

Email
Phone
Address
87 Huron Street, P6A 6W4, Sault Ste. Marie, Ontario, CA

Registration

Registrar
easyDNS Technologies Inc.
Created
2003-08-25
Expires
2026-08-25 83 days left
Updated
2025-01-06
Name servers
  • dns1.domainsure.com
  • dns2.domainsure.net
  • dns3.domainsure.org

DNS records live

NS
  • dns1.domainsure.com
  • dns2.domainsure.net
  • dns3.domainsure.org
MX
  • 99 d270923a.ess.barracudanetworks.com
  • 99 d270923b.ess.barracudanetworks.com
TXT
  • ca3-58a67a03e0a84d379782c5756ff6b048
Verified for
  • Google
  • Microsoft 365

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:spf.ess.barracudanetworks.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

E7
from 2026-04-24 to 2026-07-23
Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://agawatrain.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • cross-origin-opener-policy
findings
  • CSP allows unsafe inline scripts/styles
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https: http: blob:; font-src 'self' data: https:; connect-src 'self' https: wss:; media-src 'self' https:; object-src 'none'; base-uri 'self'; frame-src 'self' https:; frame-ancestors 'self'
strict-transport-security
max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups

Links to (7)

Linked from (2)