indexo.dev

shostack.org

.org crawl

First seen 2026-04-14 · Last seen 2026-05-05 · ok HTTP/1.1 200 420 ms crawled 2026-05-07

US · 75.2.60.5 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Shostack + Associates > Home
Description
The best threat modeling training available.
Language
en
Generator
Eleventy v3.1.2
Feeds

Open Graph

url
https://shostack.org/
title
Home
description
The best threat modeling training available.

Technology

CDN
Netlify
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • js.hs-scripts.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
CSL Computer Service Langenbach GmbH d/b/a joker.com
Created
2006-09-21
Expires
2027-09-21 488 days left
Updated
2025-09-16
Name servers
  • x.ns.joker.com
  • y.ns.joker.com
  • z.ns.joker.com

DNS records live

NS
  • x.ns.joker.com
  • y.ns.joker.com
  • z.ns.joker.com
MX
  • 50 endor.shostack.org
Verified for
  • Google

Email authentication strong

SPF
v=spf1 mx ip4:96.126.96.89 ip4:69.164.213.88 ip6:2600:3c01::f03c:91ff:fecc:c6c8 a:endor.shostack.org include:23580113.spf02.hubspotemail.net include:bf01.hubspotstarter.net include:outbound.mailhop.org -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; sp=quarantine;rua=mailto:shostackorg-d@dmarc.report-uri.com,mailto:dmarc@shostack.uriports.com;ruf=mailto:shostackorg-d@dmarc.report-uri.com,mailto:dmarc@shostack.uriports.com;fo=1; ri=86400
policy: quarantine · sp=quarantine
DKIM
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed

Certificate (current)

E7
from 2026-03-25 to 2026-06-23
Expires in 34 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://shostack.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(),microphone=(),camera=()
x-content-type-options
nosniff
content-security-policy
default-src https: data: 'unsafe-inline'; frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=31536000

Links to (4)