indexo.dev

ctfd.io

.io crawl

First seen 2026-04-14 · Last seen 2026-05-11 · ok HTTP/1.1 200 787 ms crawled 2026-05-08

US · 104.21.19.74 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
CTFd : The Easiest Capture The Flag Platform
Description
The best Capture The Flag framework out there for hiring hackers, training developers, and teaching students.

Open Graph

url
https://ctfd.io/
title
CTFd : The Easiest Capture The Flag Framework
site name
CTFd LLC
description
The best Capture The Flag framework out there for hiring hackers, training developers, and teaching students.

Technology

CDN
Cloudflare
CMS
Gatsby
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • cdn.jsdelivr.net×3
  • ajax.googleapis.com×1
  • cdnjs.cloudflare.com×1
  • fonts.googleapis.com×1
  • netdna.bootstrapcdn.com×1

Social

DNS records live

NS
  • terry.ns.cloudflare.com
  • tia.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • GlobalSign
  • Google

Email authentication partial

SPF
v=spf1 a mx include:_spf.google.com include:helpscoutemail.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:re+uslrwgjluwu@dmarc.postmarkapp.com; sp=none; aspf=r;
policy: none (monitoring only) · sp=none
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscH1pcjJETIMa1xiLAifBw7MrBvTiE6qZgzzUASRlWr7L88qBz7v+B+Wus2mgtVQFa8NtIMaxFD3Xe…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

WE1
from 2026-04-19 to 2026-07-18
Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://ctfd.io/

present
  • x-content-type-options
  • referrer-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff

Links to (10)

Linked from (2)