indexo.dev

coredao.org

.org crawl

First seen 2026-04-14 · Last seen 2026-05-19 · ok HTTP/1.1 200 1592 ms crawled 2026-05-07

US · 104.20.16.207 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Core: Stake Bitcoin for Yield & Explore Bitcoin DeFi
Description
The Core blockchain is where Bitcoin meets yield, DeFi, and high TPS — live now as the Proof of Stake Layer for Bitcoin.
Language
en

Open Graph

title
Core: Stake Bitcoin for Yield & Explore Bitcoin DeFi
description
The Core blockchain is where Bitcoin meets yield, DeFi, and high TPS — live now as the Proof of Stake Layer for Bitcoin.

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Cloudflare Insights

Third-party hosts loaded (1)

  • static.cloudflareinsights.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2022-02-20
Expires
2027-02-20 275 days left
Updated
2026-02-23
Name servers
  • nick.ns.cloudflare.com
  • piper.ns.cloudflare.com

DNS records live

NS
  • nick.ns.cloudflare.com
  • piper.ns.cloudflare.com
MX
Show 6 MX records
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 15 smedvcxvszj2kjxrztl7xwfgyoqn4nzckjr3isneedvudnfitcoa.mx-verification.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • 0a6c0157-d1df-4729-abbb-01a668f33d2f=9bcdc3cc6f5de0e303f243220f594f0e67430d45b994dae5943c8e5df7e15114
  • 774eeef1-3f77-4c89-ad64-db04cd57e773=9bcdc3cc6f5de0e303f243220f594f0e67430d45b994dae5943c8e5df7e15114
Verified for
  • Atlassian
  • Brevo
  • Google

Email authentication strong

SPF
v=spf1 include:mailgun.org include:sendersrv.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:4aac131d419a4c78b9679ea4331e2a12@dmarc-reports.cloudflare.net
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Vam2yLbwH0wDtyjgiCMMOb+ng4uTLxJcMW42yje6NdUSf5fBu25HwZMAe4RkoSJWwtJBlhhaNWBJZ…
selectors probed

Certificate (current)

WE1
from 2026-03-16 to 2026-06-14
Expires in 25 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://coredao.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://static.cloudflareinsights.com https://prod.spline.design https://tag.safary.club blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.gstatic.com; connect-src 'self' https://www.googletagmanager.com https://static.cloudflareinsights.com https://websiteapi.coredao.org https://scan.coredao.org https://websiteapi.test.btcs.network https://api.web3modal.com https://*.cloudflare.com https://*.cloudflare-ipfs.com https://*.amazonaws.com https://*.res.cloudinary.com https://*.githubusercontent.com https://*.walletconnect.org https://static.cloudflareinsights.com https://*.walletconnect.com https://*.googleanalytics.com https://*.googleapis.com https://*.gstatic.com https://analytics.google.com https://stats.g.doubleclick.net wss://*.walletconnect.org wss://*.walletconnect.com wss://www.walletlink.org https://prod.spline.design https://staking-api.core
strict-transport-security
max-age=15552000; includeSubDomains; preload

Linked from (2)