tnfirefly.com

.com crawl

First seen 2026-04-19 · Last seen 2026-05-09 · ok HTTP/1.1 200 2584 ms crawled 2026-05-13

US · 172.67.159.183 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Tennessee Firefly | Independent TN Education & Government News
Description: Tennessee Firefly delivers independent, fact-based reporting on education policy, school funding, and government decisions shaping Tennessee schools and communities.
Language: en

Open Graph

title: Tennessee Firefly | Independent TN Education & Government News
locale: en_US
site name: Tennessee Firefly
description: Tennessee Firefly delivers independent, fact-based reporting on education policy, school funding, and government decisions shaping Tennessee schools and communities.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Cloudflare Insights
Google Tag Manager

Third-party hosts loaded (3)

static.cloudflareinsights.com×1
www.facebook.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

Squarespace Domains LLC

Created

2021-11-19

Expires

2027-11-19 547 days left

Updated

2026-05-07

Name servers

emerie.ns.cloudflare.com
jaziel.ns.cloudflare.com

DNS records live

NS

emerie.ns.cloudflare.com
jaziel.ns.cloudflare.com

MX

Show 6 MX records

1 aspmx.l.google.com
1 smtp.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Verified for

Google

Email authentication partial

SPF: v=spf1 include:_spf.createsend.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

from 2026-05-07 to 2026-08-05

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://tnfirefly.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=(), browsing-topics=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://connect.facebook.net; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net; font-src 'self' data: https://use.typekit.net https://p.typekit.net; img-src 'self' data: blob: https: http:; connect-src 'self' https://*.sanity.io https://www.google-analytics.com https://*.facebook.com https://*.facebook.net; frame-src 'self' https://*.sanity.io https://app.acuityscheduling.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'
strict-transport-security: max-age=15552000; includeSubDomains

Links to (9)

Linked from (1)

future-ed.org×2