indexo.dev

discoverflow.co

.co crawl

First seen 2026-04-30 · Last seen 2026-05-18 · ok HTTP/1.1 200 2817 ms crawled 2026-05-08

US · 104.18.26.26 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Language
en-EN

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
  • Google Tag Manager

Third-party hosts loaded (4)

  • .kameleoon.eu×1
  • static.cloudflareinsights.com×1
  • static.katalon.com×1
  • www.googletagmanager.com×1

DNS records live

NS
  • elisabeth.ns.cloudflare.com
  • emerson.ns.cloudflare.com
MX
  • 1 discoverflow-co.mail.protection.outlook.com
TXT
Show 5 TXT records
  • wiz-domain-verification=1c42de953673c9ceb3a100c44bc6bc00ce3efebd2b53d5912bdeb562913cb0ec
  • MS=ms79635523
  • globalsign-domain-verification=0566135732748FAA15023F6F339EAFEC
  • globalsign-domain-verification=78C4D3CFD97489423C17EA9BB5C52875
  • google-site-verification=VIzGiqa-75imVwu5Qj3d077qRvkws2A31hPDTn7jsoA

Email authentication strong

SPF
v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email
policy: reject (enforced)
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshOH1mBvonxAg1Pm68MgZ5SUDdMX7h+FbpUd+92yq+kmf3Sam0T2RIqmL9ZfM6r5OaalCo/ZZDVhvCr9ib…
selectors probed

Certificate (current)

WE1
from 2026-03-28 to 2026-06-26
Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://discoverflow.co/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; media-src * https://lla-cms-prod.directus.app; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; object-src 'none'; frame-ancestors 'self' https://cwc.kcenter.usu.com https://cwc.cloud.usu.com; frame-src * https://nebula-cdn.kampyle.com https://libertyglobal.kampyle.com https://optimize.google.com https://www.youtube.com https://www.google.com https://www.facebook.com https://www.google-analytics.com https://www.googleanalytics.com https://openspeedtest.com https://www2.discoverflow.co https://www.discoverflow.co https://discoverflow.co https://analytics.discoverflow.co; form-action *; worker-src * blob:;
strict-transport-security
max-age=31536000

Linked from (2)