indexo.dev

fongoworks.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 3977 ms crawled 2026-05-16

CA · 98.143.96.242 · AS36493 FIBERNETICS CORPORATION

Reputation 100/100

Classifying

HTML metadata

Title
Fongo Works
Description
Canada’s FREE phone system for small businesses. Get a free business phone number and set up extensions on your team’s existing cell phones.
Language
en

Technology

Server
nginx
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Registration

Registrar
Rebel Ltd
Created
2014-04-23
Expires
2027-04-23 338 days left
Updated
2026-04-24
Name servers
  • aria.ns.cloudflare.com
  • dan.ns.cloudflare.com

DNS records live

NS
  • aria.ns.cloudflare.com
  • dan.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 4 TXT records
  • google-site-verification=x65pOxMeHMoS0JrJusQe--M1tGm3_BlcNYwy26i04-I
  • google-site-verification=zujpAqBK1kFk-anF9YWmwWIABLYhOHKHkepfyyQG4ig
  • Sh5HdmhOJD4JwTlgX_Liqe17xBddz7IXezIwnEqTr9k
  • gj6c1sh53n3tw1v1r185srq12llswg5v

Email authentication strong

SPF
v=spf1 ip4:66.38.192.0/24 ip4:74.205.217.0/24 ip4:208.85.220.0/24 ip4:98.143.96.0/24 ip4:162.213.111.0/24 ip4:98.143.111.0/24 ip4:208.85.218.0/24 ip4:208.85.217.0/24 ip4:208.65.240.134 mx include:mail.zendesk.com include:icpbounce.com include:spf.fongo1mail.fongo.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:mailauth-reports@fongoworks.com
policy: quarantine
DKIM
  • mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnyl7jp7RULpQirBy3296igM9ImiK/1J0RY3nGvQPJOcoDJK71D33v8K5tGkp1zKNd6np0EOJGX20mW+zqlP…
selectors probed

Certificate (current)

R12
from 2026-04-26 to 2026-07-25
Expires in 67 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.fongoworks.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://recaptcha.google.com https://www.googletagmanager.com https://www.google-analytics.com https://pagead2.googlesyndication.com https://ep2.adtrafficquality.google https://fundingchoicesmessages.google.com https://collectcdn.com https://*.collectcdn.com https://api.collect.chat https://collect.chat https://*.collect.chat https://www.facebook.com https://connect.facebook.net https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://www.google.com; img-src 'self' data: https: blob:; font-src 'self' data: https://collectcdn.com https://*.collectcdn.com https://collect.chat https://*.collect.chat; connect-src 'self' https://production.fongoworks.com https://www.google.com https://www.gstatic.com https://recaptchaenterprise.googleapis.com https://recaptcha.google.com https://www.googletagmanager.com https://www.google-analytics.com https://pagead2.googlesyndic
strict-transport-security
max-age=31536000; includeSubDomains

Links to (4)

Linked from (2)