indexo.dev

caamypace.com

.com crawl

First seen 2026-05-08 · Last seen 2026-05-15 · ok HTTP/1.1 200 11411 ms crawled 2026-05-15

US · 147.154.3.128 · AS31898 Oracle Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Pay Less with Pay as You Drive Auto Insurance - CAA MyPace™.
Description
CAA MyPace™ is an insurance program to reduce and manage your auto premiums if you drive less than 9,000 km per year. Pay for what you drive. Get coverage!
Language
en

Open Graph

url
https://www.caamypace.com
title
CAA MyPace™. Putting low-mileage motorists in the driver's seat.
locale
en_CA
site name
CAA MyPace™
description
CAA MyPace™ is an insurance program that provides the best way to pay for, reduce and manage your auto premiums if you drive less than 9,000 kilometres per year. Pay for what you drive. Monitor your mileage online or by using the CAA MyPace app. Know you're always covered!

Technology

Server
ZENEDGE
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • www.googletagmanager.com×3
  • code.jquery.com×1
  • fast.fonts.net×1

Registration

Registrar
Amazon Registrar, Inc.
Created
2018-03-23
Expires
2027-03-23 307 days left
Updated
2024-05-29
Name servers
  • ns-1375.awsdns-43.org
  • ns-1643.awsdns-13.co.uk
  • ns-427.awsdns-53.com
  • ns-904.awsdns-49.net

DNS records live

NS
  • ns-1375.awsdns-43.org
  • ns-1643.awsdns-13.co.uk
  • ns-427.awsdns-53.com
  • ns-904.awsdns-49.net
TXT
  • google-site-verification=rBJge6Rl52qVBGWdjop0CIc_aryIKAlPUp99a8m2tzg
  • trend-micro-v1-domain-verification.2753e18a262f94f7301723f9d1f027d9=78c9d6ac-8518-4746-8247-02001c2a7ae6

Email authentication no MX

SPF
v=spf1 include:spf.caasco.ca -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

COMODO RSA Organization Validation Secure Server CA
from 2025-05-26 to 2026-05-27
Expires in 7 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.caamypace.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'self' code.jquery.com googletagmanager.com bat.bing.com connect.facebook.net s.pinimg.com ct.pinterest.com youtube.com www.youtube.com *.g.doubleclick.net www.google-analytics.com *.google.com *.doubleclick.net play.google.com itunes.apple.com google.com google.ca script.hotjar.com; font-src 'self' fast.fonts.net; style-src 'self' 'unsafe-inline' fast.fonts.net; img-src 'self' data: *; frame-src 'self' www.youtube.com www.google.com td.doubleclick.net googletagmanager.com *.fls.doubleclick.net ct.pinterest.com; frame-ancestors 'self' www3.moneris.com esqa.moneris.com *.youtube.com; connect-src 'self' *.hotjar.com *.hotjar.io www.google-analytics.com *.g.doubleclick.net ct.pinterest.com wss://ws.hotjar.com content.hotjar.io analytics.google.com caaccg.piwik.pro; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-TFCIBNwTNJf5j4bZY75MxMuFt9KrZV7+1v+obTw1iuE='; object-src 'self'; base-URI 'self'
strict-transport-security
max-age=31536000;

Linked from (1)