indexo.dev

maxheadlines.com

.com crawl

First seen 2026-04-15 · Last seen 2026-04-19 · ok HTTP/1.1 200 6256 ms crawled 2026-05-09

US · 209.182.202.254 · AS22611 InMotion Hosting, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
MaxHeadlines.com – Your Source for Real News
Language
en-US
Generator
Site Kit by Google 1.178.0
Feeds

Technology

Server
nginx
CMS
WordPress
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (20)
  • assets.zerohedge.com×14
  • a.impactradius-go.com×7
  • imp.pxf.io×4
  • cdn.shareaholic.net×3
  • fonts.googleapis.com×3
  • healthguardian.com×3
  • dollardays.pxf.io×2
  • js-na2.hs-scripts.com×2
  • lasvegasheadlines.com×2
  • www.theblaze.com×2
  • 1.envato.market×1
  • analytics.shareaholic.com×1
  • cdn.openshareweb.com×1
  • gmpg.org×1
  • partner.shareaholic.com×1
  • partners.inmotionhosting.com×1
  • recs.shareaholic.com×1
  • vegas.vdvm.net×1
  • www.googletagmanager.com×1
  • www.shareaholic.net×1

Social

Contact

Phone

Registration

Registrar
GoDaddy.com, LLC
Created
2025-08-31
Expires
2026-08-31 104 days left
Updated
2025-08-31
Name servers
  • ns.inmotionhosting.com
  • ns2.inmotionhosting.com

DNS records live

NS
  • ns1.inmotionhosting.com
  • ns2.inmotionhosting.com
MX
  • 0 mail.maxheadlines.com

Email authentication strong

SPF
v=spf1 ip4:209.182.200.39 include:relay.mailchannels.net +mx +a +ip4:209.182.202.254 ~all
softfail (~all)
DMARC
v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s;pct=100;fo=0;rf=afrf;ri=86400
policy: reject (enforced) · sp=reject
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrE/iux0V9HSPLi1MEHiJ5oeDfVmdIDLnvogRNUS7+xRrvTXMC38C/ohJNDGBsM575EnTxn5KKdyTI…
selectors probed

Certificate (current)

R12
from 2026-05-03 to 2026-08-01
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://maxheadlines.com/

present
  • permissions-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (28)

Linked from (3)