disclose.io

.io crawl

First seen 2026-04-23 · Last seen 2026-05-17 · ok HTTP/1.1 200 6907 ms crawled 2026-05-17

US · 104.26.13.114 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title

disclose.io

Description

We're here to make vulnerability disclosure safe, simple, and standardized for everyone.

Language

en-us

Generator

Hugo 0.128.0

Canonical

https://disclose.io/

Feeds

disclose.io RSS

Open Graph

url: https://disclose.io/
title: disclose.io
site name: disclose.io
description: We're here to make vulnerability disclosure safe, simple, and standardized for everyone.

Technology

CDN: Cloudflare
CMS: Hugo

Analytics

Cloudflare Insights

Social widgets

YouTube Embed

Third-party hosts loaded (6)

github.com×26
img.youtube.com×4
www.youtube.com×4
unavatar.io×2
static.cloudflareinsights.com×1
unpkg.com×1

Social

DNS records live

NS

aurora.ns.cloudflare.com
christian.ns.cloudflare.com

MX

10 aspmx.l.google.com
20 alt1.aspmx.l.google.com
30 alt2.aspmx.l.google.com
40 alt3.aspmx.l.google.com
50 alt4.aspmx.l.google.com

TXT

google-site-verification=ug8x82DjS_kDJTWZU2mDHDr8D1jkAeqU3BNwocqKXrs
security_contact=mailto:security@disclose.io
security_policy=https://github.com/disclose/dioterms/blob/master/core-terms-vdp.md

Email authentication partial

SPF: v=spf1 include:_spf.google.com include:mailgun.org ~all
softfail (~all)
DMARC: v=DMARC1; p=none; rua=mailto:security@disclose.io; pct=100
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-03-27 to 2026-06-25

Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://disclose.io/

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Links to (8)

Linked from (1)

cablej.io×2