greglang.me

.me crawl

First seen 2026-04-13 · Last seen 2026-05-10 · ok HTTP/1.1 200 670 ms crawled 2026-05-07

DE · 35.157.26.135 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title

Gregory Lang

Description

Personal website for Gregory Lang

Language

en-us

Generator

Hugo 0.145.0

Canonical

https://greglang.me/

Feeds

Gregory Lang RSS

Open Graph

url: https://greglang.me/
title: Home
locale: en_us
site name: Gregory Lang
description: Personal website for Gregory Lang

Technology

CDN: Netlify
CMS: Hugo

Contact

Email

greg@greglang.me

DNS records live

NS

dns1.p01.nsone.net
dns2.p01.nsone.net
dns3.p01.nsone.net
dns4.p01.nsone.net

MX

10 in1-smtp.messagingengine.com
20 in2-smtp.messagingengine.com

Email authentication partial

SPF: v=spf1 include:spf.messagingengine.com ?all
neutral (?all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

from 2026-03-08 to 2026-06-06

Expires in 19 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://greglang.me/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), serial=(), sync-script=(), trust-token-redemption=(), vertical-scroll=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://netlify.app https://greglang.me; script-src 'self' 'unsafe-inline' 'inline-speculation-rules' https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; style-src-attr 'unsafe-inline'; img-src * 'self'; font-src 'self' https://cdn.jsdelivr.net; connect-src 'none'; object-src 'none'
strict-transport-security: max-age=63072000; includeSubDomains; preload