thespanner.co.uk

.uk crawl

First seen 2026-04-17 · Last seen 2026-05-13 · ok HTTP/1.1 200 993 ms crawled 2026-05-11

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

The Spanner - a web security blog

Description

The Spanner is a web security blog created by Gareth Heyes, featuring articles on topics such as bypassing DOMPurify with mXSS, new Internet Explorer mutation vectors, and rewriting relative URLs with the base tag in Safari. The blog also highlights tools like Hackvertor and Shazzer.

Language

Feeds

RSS Feed for The Spanner blog RSS

Open Graph

title: The Spanner - a web security blog
description: The Spanner is a web security blog created by Gareth Heyes, featuring articles on topics such as bypassing DOMPurify with mXSS, new Internet Explorer mutation vectors, and rewriting relative URLs with the base tag in Safari. The blog also highlights tools like Hackvertor and Shazzer.

Technology

CDN: Vercel
CMS: Next.js

Registration

Registrar

Ionos SE

Created

2006-10-25

Expires

2026-10-25 158 days left

Updated

2024-10-24

Name servers

ns1042.ui-dns.biz.
ns1042.ui-dns.com.
ns1042.ui-dns.de.
ns1042.ui-dns.org.

DNS records live

NS

ns1042.ui-dns.biz
ns1042.ui-dns.com
ns1042.ui-dns.de
ns1042.ui-dns.org

MX

10 mx00.ionos.co.uk
10 mx01.ionos.co.uk

Email authentication partial

SPF: v=spf1 include:_spf-eu.ionos.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-03-28 to 2026-06-26

Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://thespanner.co.uk/

present

strict-transport-security
x-frame-options

findings

missing Content Security Policy
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000