indexo.dev

figureslibres.io

.io crawl

First seen 2026-04-27 · Last seen 2026-05-16 · ok HTTP/1.1 200 2349 ms crawled 2026-05-20

FR · 37.187.128.68 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

Classifying

Technology

Server
nginx
JS framework
Nuxt

DNS records live

NS
  • dns200.anycast.me
  • ns200.anycast.me
MX
  • 10 figureslibres.io

Email authentication partial

SPF
v=spf1 a mx -all
strict (-all)
DMARC
v=DMARC1; p=none
policy: none (monitoring only)
DKIM
  • mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsQS5hhP+m4hexBkneJ5HuyesQ9BnUwJnHEnmDuiMDQOyNXfpm1BAui8XyyNAN0pLPTdsYexsSxlUk5YzRbL…
selectors probed

Certificate (current)

R13
from 2026-05-10 to 2026-08-08
Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://figureslibres.io/yunohost/sso/?r=aHR0cHM6Ly9maWd1cmVzbGlicmVzLmlvLw==

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • missing Referrer Policy
Header values
x-frame-options
SAMEORIGIN
permissions-policy
interest-cohort=()
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; object-src 'none'; img-src 'self' data:;
strict-transport-security
max-age=63072000; includeSubDomains; preload

Linked from (1)