indexo.dev

env.sh

.sh user

First seen 2026-05-13 · Last seen 2026-05-13 · ok HTTP/1.1 200 231 ms crawled 2026-05-13

US · 192.30.252.153 · AS36459 GitHub, Inc.

Reputation 62/100 wrong cert weak security headers no dmarc policy

sector other type homepage

HTML metadata

Title
ype · a blog about stuff
Feeds

Technology

CDN
GitHub Pages
Server
GitHub.com

Third-party hosts loaded (2)

  • env.shicon.png×1
  • gmpg.org×1

Social

DNS records live

NS
  • ns-1524.awsdns-62.org
  • ns-158.awsdns-19.com
  • ns-1620.awsdns-10.co.uk
  • ns-868.awsdns-44.net
MX
  • 10 aspmx.l.google.com
  • 20 alt1.aspmx.l.google.com
  • 30 alt2.aspmx.l.google.com
  • 40 alt3.aspmx.l.google.com
  • 50 alt4.aspmx.l.google.com

Email authentication weak

SPF
v=spf1 include:mailgun.org ~all
softfail (~all)
DMARC
not published
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7F6UR3RWmF1xChRg8JiUr7W0p3S3TOQnqy69b4vgVJeoZTGRcaufkSYZsn1iAqwrK/qKfLSJrRaiFR6R0ve…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSvXrHNv3zAjO/lytnhQ5MUReit28zNiXCerIu7QkL9s/EfmqbR6v0pc1bnH+WVCjali/Hlk5G24i5L71yAGEXMJAHXlR…
selectors probed

Certificate (current) wrong cert

Sectigo Public Server Authentication CA DV R36
from 2026-04-14 to 2026-07-13
Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked over plain HTTP: http://env.sh/

findings
  • checked over plain HTTP
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy

Links to (3)