pmug.ga

Technology

Server

Microsoft-IIS

Fonts

• Google Fonts

Third-party hosts loaded (2)

• fonts.googleapis.com×2
• fonts.gstatic.com×1

DNS records live

NS

• ns-143-c.gandi.net
• ns-50-b.gandi.net
• ns-65-a.gandi.net

MX

• 0 pmug-ga.mail.protection.outlook.com

TXT

• MS=ms34819646
• google-site-verification=YoXByO9j6APYTuchf54ZMuUNneU-pf6ws70WBZKjALM

Email authentication weak

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

not published

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm+NlAIbxdTh8Q3CN+i0EEr4WtwOoVAz5OSs6QWV+KLRL6sft27a6j3cBwlhXvP4uJSbR4I7attEYo…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzmBAmMBKVSdEXrj+lUVNjknuQN3BsldF3zpt9fBEIcp2ZHLdV/eYCsSvZT4AiAdmMpagQotwVYxBf…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://pmug.ga/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources