indexo.dev

cspf.co.uk

.uk crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 520 ms crawled 2026-05-19

GB · 139.162.213.47 · AS63949 Akamai Connected Cloud

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Channel Swimming & Piloting Federation - Welcome
Description
The Channel Swimming & Piloting Federation (CS&PF) is the largest and most comprehensive governing body for English Channel swimming.
Feeds

Open Graph

url
https://cspf.co.uk/
title
Channel Swimming & Piloting Federation - Welcome
site name
Channel Swimming and Piloting Federation
description
The Channel Swimming & Piloting Federation (CS&PF) is the largest and most comprehensive governing body for English Channel swimming.

Technology

Server
Unknown
Fonts
  • Google Fonts

Third-party hosts loaded (1)

  • fonts.googleapis.com×1

Social

Registration

Registrar
123-Reg Limited t/a 123-reg
Created
2011-03-14
Expires
2027-03-14 298 days left
Updated
2024-07-02
Name servers
  • ns11.domaincontrol.com.
  • ns12.domaincontrol.com.

DNS records live

NS
  • ns11.domaincontrol.com
  • ns12.domaincontrol.com
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • google-site-verification=XWRvjIgRb1DEH_mh1DGx8ongCVugpqAgsNxA1fQ4Y7Y

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-03-28 to 2026-06-26
Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://cspf.co.uk/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src https: 'self'; connect-src https: 'self'; style-src https: 'self' 'unsafe-inline' 'self' 'unsafe-inline' fast.fonts.net 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com; frame-src https: 'unsafe-inline' 'self'; frame-ancestors https: 'self'; media-src https:; object-src https: 'unsafe-inline' 'self' www.youtube.com; script-src https: 'self' 'unsafe-inline' 'self' 'unsafe-eval' 'self' 'unsafe-inline' maps.google.com www.google-analytics.com maps.googleapis.com 'unsafe-inline' platform.twitter.com 'unsafe-inline' fast.fonts.net; img-src https: 'self' blob: *.cspf.co.uk *.googleapis.com maps.google.com csi.gstatic.com maps.gstatic.com www.google-analytics.com; font-src https: data: fonts.gstatic.com fast.fonts.net;

Links to (3)

Linked from (1)