indexo.dev

internet-speed-test.app

.app crawl

First seen 2026-05-05 · Last seen 2026-05-05 · ok HTTP/1.1 200 1466 ms crawled 2026-05-11

US · 13.33.235.42 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Free Internet Speed Test - Test Your Download & Upload Speed | No Ads
Description
Test your internet speed for free. Check download speed, upload speed, ping, and jitter instantly. No ads, no tracking, no signup. Get your network quality score now with our AIM Score metric.
Language
en
Canonical
https://internet-speed-test.app

Open Graph

url
https://internet-speed-test.app
title
Free Internet Speed Test - Test Your Connection Speed
description
Free internet speed test with AIM Score. Check download, upload, ping instantly. No ads, no tracking.

Technology

CDN
Amazon CloudFront
Server
AmazonS3
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.googleapis.com×3
  • fonts.gstatic.com×1
  • snapitanalytics.com×1

DNS records live

NS
  • ns-1352.awsdns-41.org
  • ns-1574.awsdns-04.co.uk
  • ns-250.awsdns-31.com
  • ns-527.awsdns-01.net
MX
  • 10 inbound-smtp.us-east-1.amazonaws.com

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M04
from 2026-01-20 to 2027-02-19
Expires in 275 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://internet-speed-test.app/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=(), geolocation=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' blob: https://snapitanalytics.com https://accounts.google.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://js.stripe.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://unpkg.com https://cdn.tailwindcss.com https://api.web3forms.com https://www.googletagmanager.com https://sphinxagent.ai; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://accounts.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://unpkg.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com data:; img-src 'self' data: blob: https:; connect-src 'self' https: wss:; frame-src 'self' https://accounts.google.com https://js.stripe.com https://*.google.com; object-src 'none'; base-uri 'self'
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy
unsafe-none

Links to (2)

Linked from (1)