fsgroningen.nl
HTML metadata
Technology
- Server
- nginx
Third-party hosts loaded (1)
- static.genkgo.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns1.genkgo.net
- ns2.genkgo.net
- ns3.genkgo.net
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
ge-verification=3108483750a7d6b4
- Verified for
-
Email authentication partial
- SPF
-
v=spf1 a mx include:spf.genkgo.net include:_spf.google.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; sp=nonepolicy: none (monitoring only) · sp=none - DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 84 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self'; child-src 'self' *.youtube.com https://static.genkgo.com https://risk.genkgo.app; connect-src 'self' https://static.genkgo.com https://risk.genkgo.app; font-src 'self' https://static.genkgo.com https://risk.genkgo.app; img-src 'self' https://* https://static.genkgo.com https://risk.genkgo.app data:; media-src 'self' https://static.genkgo.com https://risk.genkgo.app; script-src 'self' https://static.genkgo.com https://risk.genkgo.app 'unsafe-inline'; style-src 'self' https://static.genkgo.com https://risk.genkgo.app 'unsafe-inline'; report-uri https://fsgroningen.nl/f/error-report/report/csp; upgrade-insecure-requests- strict-transport-security
max-age=31536000; preload