indexo.dev

yeswehack.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-06 · ok HTTP/1.1 200 519 ms crawled 2026-05-08

FR · 178.33.190.135 · AS16276 OVH SAS

Reputation 100/100

Classifying

HTML metadata

Title
YesWeHack #1 Bug Bounty Platform in Europe
Description
Bug Bounty secures applications the agile way with a global community of ethical hackers through private and public programs. Create an effective vulnerability disclosure strategy for security researchers.
Language
en

Open Graph

url
https://www.yeswehack.com/
title
YesWeHack #1 Bug Bounty Platform in Europe
site name
YesWeHack #1 Bug Bounty Platform in Europe
description
Bug Bounty secures applications the agile way with a global community of ethical hackers through private and public programs. Create an effective vulnerability disclosure strategy for security researchers.

Technology

Server
nginx

Third-party hosts loaded (1)

  • challenges.cloudflare.com×1

Registration

Registrar
OVH sas
Created
2011-05-19
Expires
2027-05-19 365 days left
Updated
2026-04-28
Name servers
  • dns14.ovh.net
  • ns14.ovh.net

DNS records live

NS
  • dns14.ovh.net
  • ns14.ovh.net
MX
  • 0 yeswehack-com.mail.protection.outlook.com
TXT
Show 7 TXT records
  • atlassian-domain-verification=RfGGSlKu1By07p6E9OYdq4IysTxaQHoMWrdnsEmIhp6FHvcvZE2YlR8ZM8IHQhHm
  • ZOOM_verify_DLtylQSqTH6sALgGE9wxOw
  • google-site-verification=VjBoeAJr4YH6UHoW0p0Em2yZY9nP2wWjmwAL05aLYaw
  • asn-verification=57a225d14d8f137d77704fc682f31f0259adc9e245cd431839c09e55959d9342
  • MS=ms68739855
  • projectdiscovery-verification=8f9b3383c6
  • apple-domain-verification=kPuiTYVfftgUOBKe

Email authentication strong

SPF
v=spf1 ip4:91.121.61.113/32 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc@yeswehack.com; ruf=mailto:dmarc@yeswehack.com; rf=afrf; sp=reject; fo=d:s; pct=100; ri=86400
policy: quarantine · sp=reject
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrADd9q8MsaTlCY7Jq1wqsi9XwgsD90CyuDkDqea3tnH1meARs+ScWdpO0ShGCI7y3i8+u6Yt8Jutm…
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

GandiCert
from 2025-07-10 to 2026-08-11
Expires in 84 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://yeswehack.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://challenges.cloudflare.com https://intercom-sheets.com; connect-src 'self' api.yeswehack.com cdn-yeswehack.com feature.yeswehack.com https://*.intercom-messenger.com wss://*.intercom-messenger.com https://via.eu.intercom.io https://api.eu.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.eu https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com ws: wss:; child-src 'self' https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; worker-src 'self' blob:; font-src 'self' https://js.intercomcdn.com https://fonts.intercomcdn.com; form-action 'self' h
strict-transport-security
includeSubDomains;max-age=31536000;preload;

Linked from (1)