baptist-health.org
HTML metadata
Technology
- CDN
- Vercel
- CMS
- Joomla
- Fonts
-
- Adobe Fonts
- Social widgets
-
- Vimeo Embed
Third-party hosts loaded (5)
- app-bhns01saas32d4fp001.cms.optimizely.com×6
- f.vimeocdn.com×2
- player.vimeo.com×2
- tags.tiqcdn.com×2
- use.typekit.net×2
Social
Contact
- Address
- st Health Fitness Center - Little RockContact UsContact UsGet Our App© 2026
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 1997-11-19
- Expires
- 2026-11-18 182 days left
- Updated
- 2026-01-02
- Name servers
-
- ns18.baptist-health.org
- ns19.baptist-health.org
DNS records live
- NS
-
- ns18.baptist-health.org
- ns19.baptist-health.org
- MX
-
- 10 mxa-0018c201.gslb.pphosted.com
- 10 mxb-0018c201.gslb.pphosted.com
- TXT
-
Show 5 TXT records
atlassian-sending-domain-verification=930be541-b1e0-40a7-8a03-25da850682a6_vs9olrrxz2lbl293io8l2ze9p5gqic5Baptist Health, Information Systems, LR, ARknowbe4-site-verification=9775817b19759a90840b87b9a46ea126MS=718B8226EDF4B4C18A3DBB08818667A7733C8423
- Verified for
-
- Apple
- Atlassian
- Smartsheet
Email authentication strong
- SPF
-
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;policy: reject (enforced) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRfAe3z5gvoczY1ZTOMqC3e6huGUWXAlEuu6LQ+s8giVARxzwmg8VTuWBnJPnOLEHSDAiEJoqGY8dT… - selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TSCW+zbgihzya7x470Vjw3CE34SeRV0U+MEmtCba9hx6IcQsmnKX2GnLSnfMtfWaHz/RtJZYdBYQ5… - k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - google:
Certificate (current)
R12
Expires in 45 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(self "https://player.vimeo.com" "https://www.youtube.com"),camera=(),gyroscope=(self "https://player.vimeo.com" "https://www.youtube.com"),magnetometer=(),microphone=(),payment=(),usb=(),autoplay=(self "https://player.vimeo.com" "https://www.youtube.com")- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' *.optimizely.com https://player.vimeo.com 'unsafe-inline' 'unsafe-eval' tags.tiqcdn.com *.typekit.net *.loyalhealth.com maps.googleapis.com *.tealiumiq.com; font-src 'self' *.typekit.net fonts.gstatic.com; style-src 'self' 'unsafe-inline' *.optimizely.com *.typekit.net fonts.googleapis.com *.tiqcdn.com; img-src 'self' data: https://i.vimeocdn.com *.azureedge.net *.loyalhealth.com *.typekit.net www.baptist-health.com maps.googleapis.com maps.gstatic.com *.cms.optimizely.com *.ytimg.com *.wpenginepowered.com; connect-src 'self' data: *.optimizely.com https://vimeo.com *.typekit.net *.loyalhealth.com api-js.mixpanel.com *.googleapis.com *.tealiumiq.com *.tiqcdn.com; frame-src 'self' https://player.vimeo.com https://vimeo.com https://www.vimeo.com *.ypo.education youtube.com www.youtube.com youtu.be; object-src 'none'; frame-ancestors 'self' *.optimizely.com *.vimeo.com; worker-src 'self' blob:; form-action 'self' *.eloqua.com *.t.eloqua.com ;- strict-transport-security
max-age=31536000; includeSubDomains; preload