thinkhwi.com
thinkhwi.com
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
- Social widgets
-
- YouTube Embed
Third-party hosts loaded (4)
- fonts.googleapis.com×2
- fonts.gstatic.com×1
- www.googletagmanager.com×1
- www.youtube.com×1
Social
Contact
- Phone
- Address
- Corporate Headquarters2000 Park LaneSuite 400Pittsburgh, PA 15275+1 412-375-6600
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2014-12-15
- Expires
- 2033-12-15 2754 days left
- Updated
- 2025-09-25
- Name servers
-
- pdns09.domaincontrol.com
- pdns10.domaincontrol.com
DNS records live
- NS
-
- pdns09.domaincontrol.com
- pdns10.domaincontrol.com
- MX
-
- 0 mxa-0045e401.gslb.pphosted.com
- 0 mxb-0045e401.gslb.pphosted.com
- 10 external-thinkhwi-com.mail.protection.outlook.com
- 10 thinkhwi-com.mail.protection.outlook.com
- TXT
-
Show 6 TXT records
b2bvcj72bip4143vpklvadepk2lucid-verification=yex2qyk-zdf7BJM5vkhi5iq7ioo7tk4h7mur7r1fpr1dbG9ZV1lSXXZZkEDKcivIEq1xRqqQvSwEKkh3milu6GZRo3+4LVLeRwY0MDLVhrNkVgNGFe0JIa+XbnHbGmlWwNQ==9tv81bshp8updpr1db6j77duapMhZ125XAiNQLlPMDHxeB/4KOB+VC0GzLBFycNB5HijzM+1EM4Pqw01blw4A45Qyl8yKhm86sYI+uq+8EUMA41w==
- Verified for
-
- Brevo
- Canva
Email authentication strong
- SPF
-
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com,mailto:dmarc_agg@vali.email; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.compolicy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGUbTKL9vk1CH7Fl+HgfsLpKIDkO723hQOuegV9rdDTy189oNQOwNnzXGQBSOZIRKM3HClWQoZ0W0M… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1U2TDJUJJS3nkiR25MRXwU2Cse0I4thIfsyUq1zJs1w/aNPpZYW4jQczCjE9FsXEWKrs29qAThTEe… - mail:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2…
selectors probed - selector1:
Certificate (current)
R13
Expires in 66 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self' https://*.youtube.com https://*.thinkhwi.com https://docs.thinkhwi.com https://*.google-analytics.com https://*.gstatic.com/ https://maps.googleapis.com/ https://*.googletagmanager.com/ https://stats.g.doubleclick.net; img-src 'self' https://thinkhwi.com https://*.google-analytics.com https://*.gstatic.com/ https://maps.googleapis.com/ data: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.googletagmanager.com/ https://*.google-analytics.com https://*.youtube.com/; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com/ https://*.googletagmanager.com/ https://*.google-analytics.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com; worker-src 'self' blob: https://thinkhwi.com/c7baee2d-c568-4d1f-83e1-85050a38a486; font-src 'self' https://*.gstatic.com/ data:- strict-transport-security
max-age=31536000; includeSubdomains; preload
Links to (6)
- youtube.com×1
- x.com×1
- linkedin.com×1
- facebook.com×1
- calderys.com×1
- buzzsprout.com×1