indexo.dev

javelinlogistics.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-27 · ok HTTP/1.1 200 1596 ms crawled 2026-05-27

US · 45.33.37.161 · AS63949 Akamai Connected Cloud

Reputation 100/100

Classifying

HTML metadata

Title
Javelin Logistics | Tailored Logistics for Evolving Supply Chains
Description
Javelin offers transportation, distribution & fulfillment, rigging & white-glove, and tradeshow event services. Based out of Newark, California.
Language
en
Canonical
https://www.javelinlogistics.com/

Technology

Server
Apache
jQuery
2.1.4 known XSS (<3.5)
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • ajax.googleapis.com×1
  • js.hs-scripts.com×1
  • www.google.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
Network Solutions, LLC
Created
2011-09-29
Expires
2027-09-29 485 days left
Updated
2024-05-28
Name servers
  • ns37.worldnic.com
  • ns38.worldnic.com

DNS records live

NS
  • ns37.worldnic.com
  • ns38.worldnic.com
MX
  • 10 javelinlogistics-com.mail.protection.outlook.com
TXT
  • f626nwmhr2rttk4kgv6nn6wt721vn03b
  • knowbe4-site-verification=cd636cd78ecccaa202d80716fd3192bc
  • 9qcgeoqichat1d8n7o2fssc0nc
Verified for
  • Apple
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:psm.knowbe4.com include:zoho.com ip4:63.207.121.92 ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:nqr0syj1@ag.us.dmarcian.com
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPWs25lVWepiT3utR3U0N7dgK8z4a46IrS3GJ5ylMSoOf+qPdSM92B4W6+c3P1KDMpKvUSg9ZUtPzPHUJike…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsAQAjYvxN5EYiA7IwySrwNzw8EsvjXSB4gwOcOKalm+jJ+1R3XXDtb+Y0V/fGb46Meu3FACmZl7lJv0iZK2…
selectors probed

Certificate (current)

E7
from 2026-04-23 to 2026-07-22
Expires in 51 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.javelinlogistics.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'self' ajax.googleapis.com www.google.com www.googletagmanager.com www.gstatic.com 'sha256-zeNTs6BX/itkVHX8Tgk0ZC1/TRikYRmlLkSyMA0gqdY=' *.hubspot.com *.hscollectedforms.net *.hs-scripts.com *.hs-analytics.net *.hs-banner.com; connect-src 'self' www.google.com www.google-analytics.com ajax.googleapis.com *.hscollectedforms.net *.hubspot.com; img-src 'self' i.ytimg.com *.hsforms.com *.hubspot.com; style-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'self'; frame-src www.google.com www.youtube-nocookie.com;
strict-transport-security
max-age=63072000;

Links to (2)

Linked from (2)