indexo.dev

gem.app

.app crawl

First seen 2026-04-14 · Last seen 2026-05-15 · ok HTTP/1.1 202 2039 ms crawled 2026-05-08

US · 3.164.206.60 · AS16509 Amazon.com, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Language
en

Technology

CDN
Amazon CloudFront
Server
CloudFront

Third-party hosts loaded (1)

  • 655bd897e678.991f8b39.eu-west-1.token.awswaf.com×1

DNS records live

NS
  • ns-1148.awsdns-15.org
  • ns-1575.awsdns-04.co.uk
  • ns-4.awsdns-00.com
  • ns-978.awsdns-58.net
MX
  • 10 spool.mail.gandi.net
  • 50 fb.mail.gandi.net
TXT
  • site-verification=0c16ab138f8d0c07b1c7d306ba2bbfdb
  • google-site-verification=7FKFE880VnGDsr2AjiUFOE6EJ6aKGmYr6WGOJ3zOeEM

Email authentication strong

SPF
v=spf1 include:_mailcust.gandi.net ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; pct=100; rua=mailto:re+e3wtygvi2i5@dmarc.postmarkapp.com; sp=reject; aspf=r;
policy: reject (enforced) · sp=reject
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

Amazon RSA 2048 M04
from 2025-12-27 to 2027-01-25
Expires in 250 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://gem.app/

findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy

Linked from (2)