indexo.dev

bimakavach.com

.com crawl

First seen 2026-05-31 · Last seen 2026-06-01 · ok HTTP/1.1 200 2092 ms crawled 2026-06-01

IN · 13.200.56.193 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
BimaKavach - Fast Insurance for Unstoppable Businesses
Description
Get Business Insurance / Commercial Insurance from India's top 25 Insurance companies in minutes at the best price. We offer liability insurance, engineering insurance, marine insurance, property insurance, asset insurance, and group health insurance.
Language
en
Canonical
https://www.bimakavach.com/

Open Graph

url
https://www.bimakavach.com/
title
BimaKavach - 100% Effortless Insurance for Indian Businesses
description
Get Business Insurance / Commercial Insurance from India’s top 25 Insurance companies in 10 minutes at the best price. We offer liability insurance, engineering insurance, marine insurance, property insurance, asset insurance, and group health insurance.

Technology

CMS
Next.js
JS framework
Next.js
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.gstatic.com×2
  • fonts.googleapis.com×1
  • www.googletagmanager.com×1

Contact

Email
Phone

Registration

Registrar
GoDaddy.com, LLC
Created
2015-02-18
Expires
2029-02-18 989 days left
Updated
2025-10-14
Name servers
  • ns-1349.awsdns-40.org
  • ns-1558.awsdns-02.co.uk
  • ns-497.awsdns-62.com
  • ns-775.awsdns-32.net

DNS records live

NS
  • ns-1349.awsdns-40.org
  • ns-1558.awsdns-02.co.uk
  • ns-497.awsdns-62.com
  • ns-775.awsdns-32.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Ahrefs
  • Google
  • Zoho

Email authentication partial

SPF
v=spf1 ip4:149.72.0.0/16 ip4:159.183.0.0/16 include:_spf.google.com include:sendgrid.net ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:marketing@bimakavach.com; ruf=mailto:marketing@bimakavach.com; fo=1
policy: none (monitoring only)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHBvnAJbIBGz099oN971va9E9p0TF0jzJKNoRwVqdFGeKE+GHMm8DojVZhVqqBb4VHVsm3zQvFUDXT…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KiIbdBkipeo1z12G8rXdDtQF3qSlNSGn/56mItCzG5K3uq7pNINT22TD/7ZOjU/Au0Kq8T3cOvX0ot2E7…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNUVQDXamQZL84KEPTg4kOkvSNZauTq/Hjcfzpau9lszZMboSSfVQecTdZfIylegpG2x+FPcp7+gcFGzK4…
selectors probed

Certificate (current)

Go Daddy Secure Certificate Authority - G2
from 2025-06-09 to 2026-06-08
Expires in 3 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.bimakavach.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pinterest.com calendly.com stripe.com *.google-analytics.com connect.facebook.net recaptcha.net *.googletagmanager.com *.paytmpayments.com *.paytm.in *.paytm.com *.maps.googleapis.com *.google.com https://cdn.mxpnl.com; script-src-elem 'self' 'unsafe-inline' https://static.hotjar.com https://analytics.ahrefs.com *.googletagmanager.com *.google-analytics.com *.clarity.ms *.googleadservices.com connect.facebook.net googleads.g.doubleclick.net snap.licdn.com web-in21.mxradon.com stats.g.doubleclick.net *.paytmpayments.com *.paytm.in *.paytm.com *.maps.googleapis.com *.google.com https://cdn.mxpnl.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.google.com https://rsms.me *.paytmpayments.com; img-src * data: *.paytmpayments.com *.paytm.in *.paytm.com *.maps.googleapis.com *.google.com; font-src 'self' https://fonts.gstatic.com https://rsms.me data:; media-src 'self'; frame-src 'self' calendl
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (1)

Linked from (1)