onthejlo.com — domain check, WHOIS, DNS & reputation

HTML metadata

Title: onthejlo
Description: Discover the world of Jennifer Lopez from Then to Now. Albums, Singles, Films, Live Experiences and magical Moments. JLo Live in 2025
Language: en
Canonical: https://onthejlo.com/en/home

Open Graph

url: https://onthejlo.com/en/home
title: onthejlo
locale: en
description: Discover the world of Jennifer Lopez from Then to Now. Albums, Singles, Films, Live Experiences and magical Moments. JLo Live in 2025

Technology

CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (2)

cdn.sphere.co.uk×13
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2022-01-23

Expires

2028-01-23 601 days left

Updated

2026-01-24

Name servers

ns1-08.azure-dns.com
ns2-08.azure-dns.net
ns3-08.azure-dns.org
ns4-08.azure-dns.info

DNS records live

NS

ns1-08.azure-dns.com
ns2-08.azure-dns.net
ns3-08.azure-dns.org
ns4-08.azure-dns.info

MX

0 onthejlo-com.mail.protection.outlook.com

TXT

68mkfv0ltd8rf2x8y4f9chbt39bp7qjz
cozmos-domain-verification=eisb33yw7zy1sbudzq4h7nopq7uezfoc
NETORGFT10162619.onmicrosoft.com

Verified for

Google

Email authentication strong

SPF

v=spf1 include:spf.em.secureserver.net include:secureserver.net include:sendgrid.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:report@dmarc.em.secureserver.net,mailto:dmarc@stormideas.uriports.com; ruf=mailto:dmarc@stormideas.uriports.com; fo=1:d:s

policy: reject (enforced)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pmcHY8pYyvmUq8IpZgEuCWILRgMmCOByhW4D3mh9Si/8qdF4pm3BrNuZ3XV5AlzV0z7Ms+mJDxs63W7f6…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26rjfQxoa/MUzUh5C80vHo7ITORqd6oygfU0634M35gjRVaVT/g4Cv3hrzf9ZS4tIqTeqXYpcgwfxhvY7p…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2026-01-13 to 2027-02-12

Expires in 256 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://onthejlo.com/en/home

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff; always
content-security-policy: default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src https: data: blob:; font-src https: data:; frame-ancestors https://*.sphere.uk https://*.cozmos.com https://*.sphere.co.uk https://*.toysphere.co.uk https://*.toysphere.com https://*.shortstackapp.com https://*.figma.com https://link.to https://*.linkfire.com; worker-src blob:;
strict-transport-security: max-age=31536000; includeSubDomains