indexo.dev

careem.com

.com crawl

First seen 2026-05-10 · Last seen 2026-05-16 · ok HTTP/1.1 200 3686 ms crawled 2026-05-16

IE · 3.251.37.78 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
The everything app | Careem
Description
Careem is ‘the everything app’ for the region, making it easier than ever to move around, order food and groceries, manage payments, and more.
Language
en-AE

Open Graph

url
/
title
The everything app | Careem
author
Careem
locale
en_AE
site name
Careem
description
Careem is ‘the everything app’ for the region, making it easier than ever to move around, order food and groceries, manage payments, and more.

Technology

CDN
Amazon CloudFront
Server
AmazonS3
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2012-06-20
Expires
2029-06-20 1127 days left
Updated
2024-06-07
Name servers
  • ns45.domaincontrol.com
  • ns46.domaincontrol.com

DNS records live

NS
  • ns45.domaincontrol.com
  • ns46.domaincontrol.com
MX
Show 7 MX records
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 20 TXT records
  • h1-domain-verification=mn5poEcqkM4XeZaHQeC81ptLxB6UwoA9dPiQcS4k5XPjoTqt
  • anthropic-domain-verification-kwncgf=d90O7hiXX5cDQpSjoNEwW9s0l
  • openai-domain-verification=dv-6fxrmgANYkv1q4861c892re9
  • google-site-verification=r-oDy7ZKf5dpD2p4W_XzyZrHsBiwsduUwC3_wDEuZvs
  • MARATHON=Q7EFEyLPIz
  • bitrise-verification=1d3fb5b0590dad1a-tFAqT2cYYTBy
  • DirectFedAuthUrl=https://careem.okta-emea.com/app/careem_microsoftdynamics_1/exkdzdu4mgMTE1VlR0i7/sso/saml
  • atlassian-domain-verification=IRfMhwm6frGckQO5SZ6dG5TSKaN7Zfk7aB5i/oYupbrWn8valGE/pdXbHWqf4UJJ
  • google-site-verification=cPtS7ZdImn-SopShlpwuB0z_cnOC9PVp6uIiJRoow5A
  • google-site-verification=e7l_Ch-6K5KARR9EYafr7b56PA3GuGuRGXjo0miE_SA
  • google-site-verification=oY3jyTpcRQ0UCB-yBWqfMogrfkfuZX2a3PoqihNG-YE
  • google-site-verification=YAzZMw-fZnDjaF6LhnfByI1VYbY1kctI36RzhyfA1Kk
  • docker-verification=b91d623b-7ee3-4dd7-ba17-3017f6b25164
  • facebook-domain-verification=n5bl975a5u6alzkt127gxpay47hous
  • h1-domain-verification=NqY5vXezgM74jj6SWKMor72BqRPB1MEG5GGVKzYL7vYksnkL
  • OSSRH-74118
  • Dynatrace-site-verification=af08b149-5923-4712-bf4d-b1deaa31f634__1hffpl8bh8h2o8a3gf6v5s38d6
  • cursor-domain-verification-8cyy2a=KXUU25x4Y05G1mMQjZRXgNXrK
  • KeCvuZg0Y2cDZYdlZT6By8C8_yl6Ze1KXVa5vXdJx3Q
  • MS=ms66622583

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:_spf.psm.knowbe4.com include:mail.zendesk.com include:amazonses.com include:customeriomail.com ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:148.105.8.0/21 ip4:185.249.220.0/24 ip4:185.225.161.0/24 ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; pct=70; rua=mailto:admin@careem.com; aspf=r; adkim=r
policy: quarantine · pct=70
DKIM
Show 4 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyA5WIm3CdEfOrujhmAmzVltvO5/tPGJCzucm/7OYJhsTInt7WH5E+idOpzUi75ZRt+aiCS2QlFZt6…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM9gvmiBU2cxwo5s3TyZTP48//2W4F2PS6fpLJYRZG+rdnU3aRZJlYH+Nsv1pecJqyorbRZEqVgEea4L3R…
  • smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed

Certificate (current)

Amazon RSA 2048 M03
from 2025-08-31 to 2026-09-29
Expires in 132 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.careem.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer
x-frame-options
DENY
permissions-policy
geolocation=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://connect.facebook.net https://static.doubleclick.net https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://recaptcha.net https://www.recaptcha.net/recaptcha/api.js https://www.gstatic.com; style-src 'self' 'unsafe-inline' 'report-sample' https://www.facebook.com https://connect.facebook.net https://www.gstatic.com; object-src 'none'; base-uri 'self'; connect-src 'self' careem.com platform.careemapis.com https://stats.g.doubleclick.net https://jnn-pa.googleapis.com https://play.google.com https://*.googlevideo.com https://googleads.g.doubleclick.net https://www.google.com https://analytics.google.com https://www.google-analytics.com https://remittance-service.pvt-cx.gw.staging.teamdisplayed.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://td.doubleclick.net https://www.facebook.com https://www.googletagmanager.com recaptcha.net htt
strict-transport-security
max-age=31536000; includeSubDomains

Links to (4)

Linked from (1)