krew.io

HTML metadata

Technology

CDN

Cloudflare

DNS records live

NS

• jarred.ns.cloudflare.com
• lovisa.ns.cloudflare.com

MX

• 10 mx1.privateemail.com
• 10 mx2.privateemail.com
• 10 route1.mx.cloudflare.net
• 10 route2.mx.cloudflare.net
• 10 route3.mx.cloudflare.net

Verified for

• Google

Email authentication partial

SPF

v=spf1 include:spf.privateemail.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:ahoy@krew.io

policy: none (monitoring only)

DKIM

• mail: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpmlgVj+9KE35dkTcs9uXfQl+gnpNbPBGovbsk3QU/Bnqhn4TzwZ8y935MBX4jj6wxzX…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://krew.io/

present

• strict-transport-security
• x-content-type-options
• referrer-policy

findings

• short HSTS max-age
• missing Content Security Policy
• missing frame protection
• missing Permissions Policy

Linked from (1)

• boomcatcher.com×3