fsgconference.nl
HTML metadata
Technology
- Server
- nginx
Third-party hosts loaded (1)
- static.genkgo.com×1
Social
Contact
DNS records live
- NS
-
- ns1.genkgo.net
- ns2.genkgo.net
- ns3.genkgo.net
- MX
-
- 1 smtp.google.com
- TXT
-
v=DMARC1; p=none; rua=mailto:postmaster@yourdomain.com; fo=1;ge-verification=3006e7767e1d35cb
- Verified for
-
Email authentication partial
- SPF
-
v=spf1 include:spf.genkgo.net -allstrict (-all) - DMARC
-
v=DMARC1; p=none; sp=nonepolicy: none (monitoring only) · sp=none - DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 84 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self'; child-src 'self' *.youtube.com *.youtube-nocookie.com https://static.genkgo.com https://risk.genkgo.app; connect-src 'self' *.google-analytics.com https://static.genkgo.com https://risk.genkgo.app; font-src 'self' *.typekit.net https://static.genkgo.com https://risk.genkgo.app; img-src 'self' https://* https://static.genkgo.com https://risk.genkgo.app data:; media-src 'self' https://static.genkgo.com https://risk.genkgo.app; script-src 'self' *.typekit.net *.google-analytics.com *.youtube.com *.ytimg.com connect.facebook.net *.googletagmanager.com https://static.genkgo.com https://risk.genkgo.app 'unsafe-inline'; style-src 'self' *.typekit.net https://static.genkgo.com https://risk.genkgo.app 'unsafe-inline'; report-uri https://fsgconference.nl/f/error-report/report/csp; upgrade-insecure-requests- strict-transport-security
max-age=31536000; preload