indexo.dev

shopnotes.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 1424 ms crawled 2026-05-18

US · 18.165.140.27 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
ShopNotes
Description
Expert woodworking tips, techniques, inspiration and more for woodworkers of any skill level.

Technology

CDN
Amazon CloudFront
Server
gunicorn
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Social widgets
  • YouTube Embed

Third-party hosts loaded (6)

  • images.ctfassets.net×5
  • www.youtube.com×2
  • fonts.googleapis.com×1
  • images.ahpc.us×1
  • www.aimmedia.com×1
  • www.googletagmanager.com×1

Contact

Address
st Media company©2026

Registration

Registrar
GoDaddy.com, LLC
Created
1996-08-13
Expires
2027-08-12 450 days left
Updated
2025-08-12
Name servers
  • ns-1221.awsdns-24.org
  • ns-2044.awsdns-63.co.uk
  • ns-216.awsdns-27.com
  • ns-652.awsdns-17.net

DNS records live

NS
  • ns-1221.awsdns-24.org
  • ns-2044.awsdns-63.co.uk
  • ns-216.awsdns-27.com
  • ns-652.awsdns-17.net
MX
  • 0 shopnotes-com.mail.protection.outlook.com
TXT
Show 4 TXT records
  • vtpgkkn53hhcfee2kgctd2a52i
  • MS=ms92284357
  • facebook-domain-verification=vi480s9f0c164ni89yo7ds8ksxidqo
  • google-site-verification=XU2SHtNkgesH_Wh6P80IPf8txdmlaxXTIt5jyVIOICs

Email authentication weak

SPF
v=spf1 ip4:173.254.196.77/32 include:spf.protection.outlook.com include:8195114.spf06.hubspotemail.net -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M03
from 2025-09-02 to 2026-10-02
Expires in 136 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.shopnotes.com/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self';prefetch-src 'self';connect-src 'self' www.google-analytics.com analytics.google.com securepubads.g.doubleclick.net pagead2.googlesyndication.com stats.g.doubleclick.net www.facebook.com analytics.google.com csi.gstatic.com cdp.omeda.com www.googletagservices.com oqs.omeda.com k.p-n.io www.google.com;font-src 'self' data: fonts.gstatic.com;img-src 'self' data: *;manifest-src 'self';media-src 'self' cdn.woodsmith.com media.woodsmith.com;object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com images.ahpc.us www.youtube.com secure.augusthome.com aim-scripts.s3.amazonaws.com www.shopnotes.com securepubads.g.doubleclick.net js.hsforms.net connect.facebook.net assets.pinterest.com adservice.google.com tpc.googlesyndication.com s.pinimg.com www.google.com www.gstatic.com cdn.ampproject.org bat.bing.com googleads.g.doubleclick.net www.aimmedia.com olytics.omeda.com cdn.p-n.io;style-src 'self' 'unsafe-inline' cdn.jsd
cross-origin-opener-policy
same-origin

Links to (9)

Linked from (14)