indexo.dev

called.app

.app crawl

First seen 2026-05-02 · Last seen 2026-05-09 · ok HTTP/1.1 200 1478 ms crawled 2026-05-09

US · 104.26.7.111 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

sector religion type homepage

HTML metadata

Title
Homepage - Called
Description
All-in-one church platform for communication, groups, events, and discipleship. Built for ministry leaders to engage their community and ensure no one slips through the cracks.
Language
en-US
Generator
Site Kit by Google 1.177.0
Canonical
https://called.app/

Open Graph

url
https://called.app/
title
Homepage - Called
locale
en_US
site name
Called
description
All-in-one church platform for communication, groups, events, and discipleship. Built for ministry leaders to engage their community and ensure no one slips through the cracks.

Technology

CDN
Cloudflare
CMS
WordPress
Analytics
  • Cloudflare Insights
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (7)
  • fonts.googleapis.com×2
  • js.hs-scripts.com×2
  • www.googletagmanager.com×2
  • fonts.gstatic.com×1
  • forms.hsforms.com×1
  • js.hsforms.net×1
  • static.cloudflareinsights.com×1

Social

DNS records live

NS
  • candy.ns.cloudflare.com
  • pedro.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • google-site-verification=hMqOH2DFkwr3HES1L_Vv5CTbZc5udFf2ToPsbALKsqo
  • google-site-verification=-U57P_kN6wt8DSDWOR1FfsfrjMT_iZLwY1a8InrCsLs
  • google-site-verification=DBkXYZp06OgG_j09Zml4cZsUGHNjy02WGAYp-nc0f40

Email authentication partial

SPF
v=spf1 include:23221857.spf06.hubspotemail.net include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

E7
from 2026-03-27 to 2026-06-25
Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://called.app/

present
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff

Links to (7)

Linked from (1)