stjamesla.com
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Social widgets
-
- YouTube Embed
Third-party hosts loaded (4)
- www.youtube.com×2
- docaccess.com×1
- www.facebook.com×1
- www.googletagmanager.com×1
Contact
- Phone
- Address
- St. James ParishP.O. Box 10658
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 1996-02-02
- Expires
- 2030-02-03 1355 days left
- Updated
- 2022-10-27
- Name servers
-
- pdns01.domaincontrol.com
- pdns02.domaincontrol.com
DNS records live
- NS
-
- pdns01.domaincontrol.com
- pdns02.domaincontrol.com
- MX
-
- 0 stjamesla-com.mail.protection.outlook.com
- TXT
-
google-site-verification=WKjXkd02dfR6asGZi5w7eY6ar0QhpCRYMzwHl7E3RYgatlassian-domain-verification=ZzvVVKLray0aBqfxXIYk0gRUxdk4C2uDVhxaCxYzg6XtYd784jMdbpawuFEcBaOsapple-domain-verification=BSP213PG31Qc8dpT
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4zw/3F7Iqx8HeryShP7wxaM3MBI04rEW9QUXGE5mH5n1ly5qX+AcAKXq0z2L8TNU0+VU60TtR/7rV2q+XSb…
selectors probed - selector1:
Certificate (current)
R12
Expires in 80 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *