mydys.app

HTML metadata

Title

MYdys: Dyslexia Reading App | Assistive Technology for All

Description

Get MYdys — the award-winning dyslexia reading app. Instantly scan text, customize fonts, colors, and spacing, and listen with text-to-speech. Try it free!

Language

en

Canonical

https://mydys.app/en/index.php

Translations

fr

Open Graph

url: https://mydys.app/en
title: MYdys: Dyslexia Reading App | Assistive Technology for All
description: Get MYdys — the award-winning dyslexia reading app. Instantly scan text, customize fonts, colors, and spacing, and listen with text-to-speech. Try it free!

Technology

CDN: Cloudflare

Third-party hosts loaded (1)

www.google.com×1

DNS records live

NS

annabel.ns.cloudflare.com
craig.ns.cloudflare.com

Email authentication no MX

SPF

v=spf1 -all

strict (-all)

DMARC

v=DMARC1;p=rejet;sp=rejet;adkim=s;aspf=s

no policy tag

DKIM

Show 12 DKIM selectors

default: v=DKIM1 ; p=
google: v=DKIM1 ; p=
selector1: v=DKIM1 ; p=
selector2: v=DKIM1 ; p=
k1: v=DKIM1 ; p=
k2: v=DKIM1 ; p=
mail: v=DKIM1 ; p=
dkim: v=DKIM1 ; p=
s1: v=DKIM1 ; p=
s2: v=DKIM1 ; p=
mxvault: v=DKIM1 ; p=
smtpapi: v=DKIM1 ; p=

selectors probed

Certificate (current)

WE1

from 2026-03-28 to 2026-06-26

Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://mydys.app/en/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin
x-frame-options: DENY
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=()
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; default-src 'self' https://*.facil-iti.app https://ws.facil-iti.com https://www.google.com https://www.gstatic.com https://www.youtube.com; font-src 'self' https://*.fontawesome.com fonts.gstatic.com https://*.facil-iti.app ; style-src 'unsafe-inline' 'self' fonts.googleapis.com https://ws.facil-iti.com; connect-src 'self' https://web-service.facil-iti.app https://*.fontawesome.com https://*.facil-iti.app https://faciliti.matomo.cloud https://www.google.com https://www.gstatic.com; img-src 'self' data: https://ws.facil-iti.com; script-src 'self' 'nonce-R9G4x5zj4lr3g4ebn9d8h4RghGZP8RMM' https://kit.fontawesome.com https://cdn.matomo.cloud https://faciliti.matomo.cloud https://www.youtube.com https://cdn.facil-iti.app https://ws.facil-iti.com https://www.google.com https://www.gstatic.com; media-src 'self'; manifest-src 'self'; style-src-attr 'self'; report-to csp-endpoint;
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin

Links to (1)

facil-iti.com×4

Linked from (1)

facil-iti.com×4