palamerican.com

HTML metadata

Title: Security Services | PalAmerican offers Licensed Security Guards
Description: Professional security services across the U.S. from PalAmerican. Trusted, compliant, and tailored protection for every environment.
Language: en-US
Generator: Site Kit by Google 1.178.0
Canonical: https://palamerican.com/

Open Graph

url: https://palamerican.com/
title: PalAmerican Security
locale: en_US
site name: PalAmerican Security
description: Professional security services across the U.S. from PalAmerican. Trusted, compliant, and tailored protection for every environment.

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (6)

cdnjs.cloudflare.com×3
www.googletagmanager.com×3
cdn.visibilitykit.ai×2
js.hs-scripts.com×2
unpkg.com×2
www.google.com×2

Social

Contact

Phone

1-877-360-9455

Address

11300 4th St N #150, 33716, St. Petersburg, FL, USA

Registration

Registrar

GoDaddy.com, LLC

Created

2017-01-10

Expires

2031-01-10 1695 days left

Updated

2026-01-11

Name servers

ns-1173.awsdns-18.org
ns-15.awsdns-01.com
ns-1945.awsdns-51.co.uk
ns-802.awsdns-36.net

DNS records live

NS

ns-1173.awsdns-18.org
ns-15.awsdns-01.com
ns-1945.awsdns-51.co.uk
ns-802.awsdns-36.net

MX

0 palamerican-com.mail.protection.outlook.com

TXT

i3ribd83oe95rh7ojvmdnaudrh
nitro-verification-code=MTI3NzI0MTUwNzg2NDA1ODczOQ==
4kckuic9bb5qfpej5coulufmse

Verified for

1Password
DocuSign
Google
Microsoft 365

Email authentication strong

SPF

v=spf1 ip4:174.50.154.234 ip4:8.53.111.203 ip4:8.53.7.13 ip4:99.50.227.233 ip4:47.206.156.29 ip4:40.87.70.37 ip4:98.142.94.61 ip4:98.142.94.62 ip4:162.17.191.121 ip4:172.110.77.250 ip4:64.114.190.197 ip4:207.102.61.201 ip4:64.114.190.194 a:mail1.myteamasp.com a:mail2.myteamasp.com include:8300912.spf04.hubspotemail.net include:spf.protection.outlook.com include:spf.workstream.paladinsecurity.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:it-security@paladinsecurity.com;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQH/GGOmtzZa9boWaB28JlWiKcMnwHmnsjnPryVpSKQQD9261edl2FrwtYOfhbdxNxBhhqqNsj7h5Z…

selectors probed

Certificate (current)

Amazon RSA 2048 M03

from 2025-07-28 to 2026-08-27

Expires in 98 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://palamerican.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
permissions-policy: autoplay=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: connect-src * *.google-analytics.com *.tiktok.com *.google.com *.google.ca *.facebook.com *.sumo.com; object-src 'self' 'unsafe-inline'; frame-src 'self' 'unsafe-inline' filesystem: *.vimeo.com *.cloudfront.net *.gstatic.com *.crazyegg.com *.facebook.net *.facebook.com *.sumo.com *.youtube.com *.tiktok.com *.hotjar.com *.csper.io *.cloudflare.com *.addtoany.com *.hsappstatic.net *.google-analytics.com *.googletagmanager.com *.hs-scripts.com *.google.com *.googleapis.com *.hsadspixel.net *.hs-analytics.net *.hscollectedforms.net *.bunny.net *.cloudflare.com *.googleapis.com *.gravatar.com *.google.ca *.bunny.net *.hubspot.com *.addtoany.com *.libsyn.com *.hs-banner.com *.usemessages.com *.hsforms.com *.doubleclick.net hemsync.clickagy.com; manifest-src 'self'; upgrade-insecure-requests
strict-transport-security: max-age=7776000; includeSubDomains

Links to (8)

Linked from (1)

nasco.org×1