indexo.dev

ponoko.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 4643 ms crawled 2026-05-16

US · 34.160.131.95 · AS396982 Google LLC

Reputation 100/100

Classifying

HTML metadata

Title
Metal & plastic laser cutting. Get online quote in seconds.
Description
Precision metal & plastic custom laser cutting, engraving, bending & finishing. Online DFM feedback & quote in seconds, custom parts delivered SAME day. No minimum order size. Used by Apple, NASA, Tesla.
Language
en
Canonical
https://www.ponoko.com/

Technology

Server
nginx

Social

Contact

Email

Registration

Registrar
Register.com - Network Solutions, LLC
Created
2006-09-03
Expires
2026-09-03 107 days left
Updated
2025-08-27
Name servers
  • ns-cloud-e1.googledomains.com
  • ns-cloud-e2.googledomains.com
  • ns-cloud-e3.googledomains.com
  • ns-cloud-e4.googledomains.com

DNS records live

NS
  • ns-cloud-e1.googledomains.com
  • ns-cloud-e2.googledomains.com
  • ns-cloud-e3.googledomains.com
  • ns-cloud-e4.googledomains.com
MX
  • 1 aspmx.l.google.com
TXT
  • google-site-verification=EDNLjmw406LWu368HPFQALok1ZXs06wKkSbP2cP3Eic

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:amazonses.com include:mailer.chargify.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; sp=reject; rua=mailto:re+g07shhpzvqp@dmarc.postmarkapp.com; ruf=mailto:dmarc-ruf@ponoko.com; fo=1; adkim=s; aspf=r; pct=100
policy: reject (enforced) · sp=reject
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKYuux3zX6utk4VP6C9stibALHirdzjBVis4U/8jMVCbY3YL1KpXMChz7OKPLZImLk6hNo7mGIGIz9…
selectors probed

Certificate (current)

WR3
from 2026-04-29 to 2026-07-28
Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.ponoko.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: https://*.braintreegateway.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://cdn.ingest-lr.com https://cdn.intake-lr.com https://cdn.lgrckt-in.com https://cdn.logr-ingest.com https://cdn.logrocket.io https://cdn.lr-in-prod.com https://cdn.lr-in.com https://cdn.lr-ingest.com https://cdn.lr-ingest.io https://cdn.lr-intake.com https://cdn.lrkt-in.com https://*.resolvepay.com https://*.segment.com https://*.segment.io https://accounts.google.com; img-src 'self' data: *.google-analytics.com *.ponoko.com https://us-central1-ponokocloud.cloudfunctions.net *.intercomcdn.com *.intercomassets.com *.googleapis.com https://px.ads.linkedin.com https://secure.gravatar.com assets.braintreegateway.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com assets.braintreegateway.com https://accounts.google.com/gsi/style; font-src '
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (1)