indexo.dev

saly.dev

.dev crawl

First seen 2026-05-30 · Last seen 2026-05-30 · ok HTTP/1.1 200 145 ms crawled 2026-05-31

PL · 178.216.200.177 · AS31229 Beyond.pl sp. z o.o.

Reputation 75/100 wrong cert

Classifying

HTML metadata

Title
Apache2 Debian Default Page: It works

Technology

Server
Apache

DNS records live

NS
  • ns1.e24dns.com
  • ns2.e24dns.com

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current) wrong cert

R13
from 2026-05-15 to 2026-08-13
Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked over plain HTTP: http://saly.dev/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • checked over plain HTTP
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.cloud.es.io https://uat.saly.pl:1441 https://backend.getbeamer.com https://app.getbeamer.com/ https://gateway.saly.dev data:; connect-src 'self' https://gateway.saly.dev https://*.saly.dev https://uat.saly.pl:1441 https://backend.getbeamer.com https://app.getbeamer.com/ https://e583f3da2e94493bb6bc105ba2585d77.europe-west3.gcp.cloud.es.io https://i-o-optimized-deployment-854954.ent.europe-west3.gcp.cloud.es.io; font-src * data:; img-src * data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://uat.saly.pl:1441 https://app.getbeamer.com/js/beamer-embed.js blob:; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://uat.saly.pl:1441 https://app.getbeamer.com https://fonts.googleapis.com; frame-ancestors 'self' *

Links to (2)

Linked from (1)