indexo.dev

octobercms.com

.com crawl

First seen 2026-04-12 · Last seen 2026-05-20 · ok HTTP/1.1 200 2343 ms crawled 2026-05-20

US · 44.235.45.36 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
October - PHP CMS platform based on the Laravel Framework
Description
October CMS is a self-hosted award-winning platform based on the Laravel PHP Framework
Language
en
Canonical
https://octobercms.com/

Technology

Server
Apache
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • d2f5cg397c40hu.cloudfront.net×3
  • www.googletagmanager.com×1

Social

Registration

Registrar
NameCheap, Inc.
Created
2013-08-12
Expires
2026-08-12 83 days left
Updated
2024-11-15
Name servers
  • ns-1069.awsdns-05.org
  • ns-1850.awsdns-39.co.uk
  • ns-491.awsdns-61.com
  • ns-843.awsdns-41.net

DNS records live

NS
  • ns-1069.awsdns-05.org
  • ns-1850.awsdns-39.co.uk
  • ns-491.awsdns-61.com
  • ns-843.awsdns-41.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Meta

Email authentication weak

SPF
v=spf1 a mx include:helpscoutemail.com ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M04
from 2025-08-04 to 2026-09-02
Expires in 104 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://octobercms.com/

present
  • content-security-policy
  • x-frame-options
  • referrer-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' 'unsafe-inline' d2f5cg397c40hu.cloudfront.net *.disquscdn.com disqus.com *.googleapis.com github.githubassets.com stats.g.doubleclick.net; script-src 'self' cdn.jsdelivr.net www.google.com player.vimeo.com d2f5cg397c40hu.cloudfront.net maps.googleapis.com js.stripe.com www.facebook.com connect.facebook.net https://connect.facebook.net platform.twitter.com *.disqus.com *.disquscdn.com www.google-analytics.com www.gstatic.com recaptcha.net 'unsafe-inline' 'unsafe-eval' *.algolianet.com *.algolia.net gist.github.com *.helpscout.net ssl.google-analytics.com *.gstatic.cn *.googletagmanager.com tagmanager.google.com cdn-cookieyes.com *.googleoptimize.com optimize.google.com www.klaviyo.com cdnjs.cloudflare.com *.licdn.com *.redditstatic.com static.klaviyo.com static-tracking.klaviyo.com accounts.google.com www.clarity.ms unpkg.com; frame-src 'self' www.youtube.com www.youtube-nocookie.com www.google.com recaptcha.net js.stripe.com player.vimeo.com www.facebook.com web.face

Links to (13)

Linked from (10)