indexo.dev

fling.me

.me crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 2925 ms crawled 2026-05-18

US · 208.91.204.10 · AS40539 Hosting Consulting, Inc

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Fling - Join Free
Canonical
https://www.fling.me

Open Graph

url
https://www.fling.me/
site name
Fling

Technology

Server
nginx
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • fonts.googleapis.com×2
  • cachemd.cdnhost2000xl.com×1
  • fonts.gstatic.com×1
  • webmasters.hugetraffic.com×1
  • www.facebook.com×1
  • www.googletagmanager.com×1

Contact

Email
Phone

DNS records live

NS
  • ns0.reflected.net
  • ns1.reflected.net
MX
  • 10 mail.answer-pro.com
TXT
  • google-site-verification=oHiWEvX6Waxbq-BWelK6n7Q1hr5P-WT7lxuM1i_7QPo

Email authentication strong

SPF
v=spf1 include:mail.zendesk.com mx -all
strict (-all)
DMARC
v=DMARC1; p=quarantine
policy: quarantine
DKIM
  • mail: v=DKIM1; h=sha256; k=rsa; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYuVmQY/OjDV01VEBLcwbbOSp+rjVzomPvTY5AWoS3qCiTxasTaI0e5LKvm…
selectors probed

Certificate (current)

E7
from 2026-04-30 to 2026-07-29
Expires in 71 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.fling.me/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
upgrade-insecure-requests; default-src *; media-src * data: blob: rtmp: mediastream:; child-src * data: blob: gsa: webviewprogressproxy:; img-src * data: blob: android-webview-video-poster:; script-src * 'unsafe-inline' 'unsafe-eval' data: opera:; frame-src * 'unsafe-inline' data: gsa: webviewprogressproxy:; style-src * 'unsafe-inline' data:; connect-src * 'unsafe-inline' ws: wss:; font-src * data:; object-src *; report-uri /members/util/log_csp/

Links to (1)

Linked from (1)