breakingmuscle.com

.com crawl

First seen 2026-05-15 · Last seen 2026-05-15 · ok HTTP/1.1 200 3123 ms crawled 2026-05-20

US · 13.33.235.124 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

Breaking Muscle

Description

Breaking Muscle is the fitness world’s preeminent destination for timely, high-quality information on exercise, fitness, health, and nutrition. Our audience encompasses the entire spectrum of the fitness community

Language

en-US

Generator

WordPress 6.3.1

Canonical

https://breakingmuscle.com/

Feeds

Breaking Muscle » Feed RSS
Breaking Muscle » Comments Feed RSS

Open Graph

url: https://breakingmuscle.com/
title: Breaking Muscle
locale: en_US
site name: Breaking Muscle
description: Breaking Muscle is the fitness world’s preeminent destination for timely, high-quality information on exercise, fitness, health, and nutrition. Our audience encompasses the entire spectrum of the fitness community

Technology

CDN: Amazon CloudFront
Server: Apache
CMS: WordPress 6.3.1
jQuery: 3.7.0

Analytics

Google Tag Manager

Third-party hosts loaded (5)

www.googletagmanager.com×3
scripts.mediavine.com×2
applets.ebxcdn.com×1
cdn.p-n.io×1
js.getlasso.co×1

Social

Contact

Phone

206362758-2

Registration

Registrar

GoDaddy.com, LLC

Created

2010-03-18

Expires

2027-03-18 301 days left

Updated

2024-07-26

Name servers

ns-1053.awsdns-03.org
ns-1974.awsdns-54.co.uk
ns-229.awsdns-28.com
ns-737.awsdns-28.net

DNS records live

NS

ns-1053.awsdns-03.org
ns-1974.awsdns-54.co.uk
ns-229.awsdns-28.com
ns-737.awsdns-28.net

MX

1 aspmx.l.google.com
10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 4 TXT records

amazonses:gDn5z369JRx1TzKB0b7stBnvjEveOr3fiPsP/xuBgAY=
ca3-a0b3e107e3714312b640638a60fc2ba1
ca3-f0380e95fe3d4d9280dce86ad9c21eb5
v=DMARC1; p=none; pct=10; rua=mailto:tools@pillarfour.com; ruf=mailto:tools@pillarfour.com

Verified for

Google

Email authentication weak

SPF: v=spf1 a mx a:rubicon.tgdaily.com a:web1.tgdaily.com a:db1.tgdaily.com ip4:76.75.207.16/28 include:_spf.google.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Amazon RSA 2048 M02

from 2025-09-06 to 2026-10-06

Expires in 138 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://breakingmuscle.com/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
missing Permissions Policy

Header values

referrer-policy: unsafe-url
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'self'; media-src 'self' https: blob:; upgrade-insecure-requests;
strict-transport-security: max-age=600
content-security-policy-report-only: default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'self';

Links to (4)

Linked from (1)

fitisafeministissue.com×1