pennytalk.com
HTML metadata
Technology
- Server
- Microsoft-IIS
- CMS
- Ghost
- Ads
-
- Google Ads
- Google Ads (DoubleClick)
Third-party hosts loaded (4)
- www.googleadservices.com×4
- googleads.g.doubleclick.net×2
- use.typekit.com×1
- www.facebook.com×1
Social
Contact
- Phone
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2000-02-10
- Expires
- 2027-02-10 267 days left
- Updated
- 2026-02-10
- Name servers
-
- ns-1037.awsdns-01.org
- ns-13.awsdns-01.com
- ns-1981.awsdns-55.co.uk
- ns-976.awsdns-58.net
DNS records live
- NS
-
- ns-1037.awsdns-01.org
- ns-13.awsdns-01.com
- ns-1981.awsdns-55.co.uk
- ns-976.awsdns-58.net
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
v=spf1 include:spf.idt.net ~allglobalsign-domain-verification=CC6B8C6C5226656F1FFBD80499236828
Certificate (current)
Amazon RSA 2048 M01
Expires in 169 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src https://* 'self'; connect-src https://* 'self'; font-src https://* 'self'; frame-src https://* http://*.twimg.com http://itunes.apple.com; img-src https://* data:; media-src https://*; object-src https://* 'self'; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline';- strict-transport-security
max-age=31536000; includeSubDomains; preload