ostiguyhigh.org

.org crawl

First seen 2026-05-08 · Last seen 2026-05-08 · ok HTTP/1.1 200 2135 ms crawled 2026-05-15

US · 18.191.161.50 · AS16509 Amazon.com, Inc.

Reputation 67/100 wrong cert no dmarc policy

Classifying

HTML metadata

Title

Ostiguy | Boston's Recovery High School

Language

en-US

Generator

WordPress 6.9.4

Feeds

Ostiguy » Feed RSS
Ostiguy » Comments Feed RSS

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Social widgets

YouTube Embed

Third-party hosts loaded (5)

platform-api.sharethis.com×2
www.googletagmanager.com×2
gmpg.org×1
www.gavinfoundation.org×1
www.youtube.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2010-05-11

Expires

2027-05-11 357 days left

Updated

2026-01-02

Name servers

ns39.domaincontrol.com
ns40.domaincontrol.com

DNS records live

NS

ns39.domaincontrol.com
ns40.domaincontrol.com

MX

10 ostiguyhigh.org.1.0001.arsmtp.com
20 ostiguyhigh.org.2.0001.arsmtp.com

TXT

veawpiE6Fp19+UN8XxZtKg==
google-site-verification=9XawPsJCRLvgBKAIOCqn6aI38j_oHzIu3cbMk66mbNA

Email authentication weak

SPF: v=spf1 include:_spf.google.com ip4:173.162.196.61 include:ostiguyhigh-org.spf.smtp25.com include:spf.zixsmbhosted.com include:ostiguyhigh-org.spf.smtp25.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current) wrong cert

Go Daddy Secure Certificate Authority - G2

from 2025-09-03 to 2026-10-05

Expires in 139 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked over plain HTTP: http://ostiguyhigh.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

checked over plain HTTP
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' platform-api.sharethis.com platform-api.sharethis.com www.googletagmanager.com platform.twitter.com google-analytics.com buttons-config.sharethis.com www.google-analytics.com www.gstatic.com blob:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' www.youtube.com docs.google.com www.google.com platform.twitter.com; connect-src 'self' l.sharethis.com www.google-analytics.com;
strict-transport-security: max-age=31536000; includeSubDomains

Links to (10)

Linked from (1)

bostonabcd.org×1