pennyreds.com

.com crawl

First seen 2026-04-27 · Last seen 2026-05-17 · ok HTTP/1.1 200 1897 ms crawled 2026-05-04

US · 151.101.1.75 · AS54113 Fastly, Inc.

Reputation 100/100

sector food type homepage

HTML metadata

Title: Penny Red's
Description: Penny Red’s serves up buckets of Chef Andrew Carmellini’s famous fried chicken, honey-butter biscuits, and local farmstead sides. Penny Red’s is open daily for takeout, or join us next door at The Brakeman, our craft beer and rec hall, to stay.
Language: en-US
Canonical: https://www.pennyreds.com

Open Graph

url: https://www.pennyreds.com/
title: Penny Red's
site name: Penny Red's
description: Penny Red’s serves up buckets of Chef Andrew Carmellini’s famous fried chicken, honey-butter biscuits, and local farmstead sides. Penny Red’s is open daily for takeout, or join us next door at The Brakeman, our craft beer and rec hall, to stay.

Technology

Server: nginx

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (16)

images.getbento.com×8
theme-assets.getbento.com×4
app-assets.getbento.com×3
www.googletagmanager.com×2
ajax.googleapis.com×1
assets-cdn-refresh.getbento.com×1
cdn-images.mailchimp.com×1
fonts.googleapis.com×1
fonts.gstatic.com×1
getbento.imgix.net×1
media-cdn.getbento.com×1
s3.amazonaws.com×1
widgets.resy.com×1
wsv3cdn.audioeye.com×1
www.google.com×1
www.gstatic.com×1

Social

Contact

Email

info@pennyreds.com

Phone

313-356-1446

Address

Street Detroit, MI 48226

Registration

Registrar

pair Networks, Inc. d/b/a pair Domains

Created

2014-12-03

Expires

2026-12-03 197 days left

Updated

2025-01-22

Name servers

ns5.pairnic.com
ns6.pairnic.com

DNS records live

NS

ns5.pairnic.com
ns6.pairnic.com

MX

10 aspmx.l.google.com
25 alt1.aspmx.l.google.com
25 alt2.aspmx.l.google.com
50 aspmx2.googlemail.com
50 aspmx3.googlemail.com

TXT

v=spf1 include:_spf.google.com include:servers.mcsv.net ~all

Verified for

Google

Certificate (current)

R12

from 2026-04-23 to 2026-07-22

Expires in 63 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.pennyreds.com/

present

strict-transport-security
content-security-policy
x-frame-options
cross-origin-opener-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
content-security-policy: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' * https://cdn.us.heap-api.com https://heapanalytics.com https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval'; script-src-elem * https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' * https://heapanalytics.com https://viewer.threshold360.com blob: data:; style-src 'self' * https://heapanalytics.com https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' * https://c.us.heap-api.com https://heapanalytics.com https://viewer.threshold360.com wss://viewer.threshold360.com blob:; font-src 'self' * https://heapanalytics.com https://viewer.threshold360.com data:; frame-src 'self' * https://viewer.threshold360.com; worker-src * blob:; media-src * blob: data:; frame-ancestors 'self';
strict-transport-security: max-age=2592000; includeSubDomains
cross-origin-opener-policy: same-origin

Links to (10)

Linked from (2)

nhgnyc.com×2
thebrakemandetroit.com×1