indexo.dev

ncatlab.org

.org crawl

First seen 2026-04-13 · Last seen 2026-05-14 · ok HTTP/1.1 200 5083 ms crawled 2026-05-07

US · 128.2.25.48 · AS9 Carnegie Mellon University

Reputation 100/100

Classifying

HTML metadata

Title
nLab
Language
en
Feeds

Technology

Server
nginx

Third-party hosts loaded (1)

  • cdn.jsdelivr.net×1

Social

Registration

Registrar
eNom, LLC
Created
2008-11-27
Expires
2026-11-27 192 days left
Updated
2025-11-19
Name servers
  • bailey.ns.cloudflare.com
  • quincy.ns.cloudflare.com

DNS records live

NS
  • bailey.ns.cloudflare.com
  • quincy.ns.cloudflare.com
MX
  • 300 saunders2.andrew.cmu.edu

Email authentication strong

SPF
v=spf1 mx include:_spf.cmu.edu -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:postmaster@ncatlab.org
policy: reject (enforced)
DKIM
  • default: v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCq6ADQhjO2o1pd/fODaSZTlZa91q58VeQQwgHChJju2YkRoH5GniMMQ+n4rT11KtREyZol…
selectors probed

Certificate (current)

E7
from 2026-03-07 to 2026-06-05
Expires in 18 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://ncatlab.org/nlab/show/HomePage

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdn.rawgit.com; font-src 'self' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; img-src 'self' https://ncatlab.org *; report-uri /cspreport
strict-transport-security
max-age=31536000

Links to (3)

Linked from (4)