indexo.dev

carelparts.com

.com crawl

First seen 2026-05-28 · Last seen 2026-05-31 · ok HTTP/1.1 200 1376 ms crawled 2026-05-31

US · 104.26.12.21 · AS13335 Cloudflare, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Carel Humidification Parts & Parametric Controls
Description
Factory Direct Carel Humidification Parts & Parametric Controls. Live Help & Same Day Shipping.
Language
en

Technology

CDN
Cloudflare
CMS
Gatsby
Analytics
  • Cloudflare Insights

Third-party hosts loaded (5)

  • js.klevu.com×3
  • static.cloudflareinsights.com×1
  • static.klaviyo.com×1
  • static.zdassets.com×1
  • statsjs.klevu.com×1

Contact

Phone

Registration

Registrar
Cloudflare, Inc.
Created
2008-02-25
Expires
2028-02-25 634 days left
Updated
2025-12-02
Name servers
  • lola.ns.cloudflare.com
  • matias.ns.cloudflare.com

DNS records live

NS
  • lola.ns.cloudflare.com
  • matias.ns.cloudflare.com
MX
  • 10 mx1.improvmx.com
  • 20 mx2.improvmx.com
Verified for
  • Google

Email authentication strong

SPF
v=spf1 include:mail.zendesk.com include:spf.improvmx.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:7f9c83a823454c4893fbbacbb3e3dd98@dmarc-reports.cloudflare.net;
policy: quarantine
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b9G9c081XC0C5Bdc50MUgq6CgEoW6leHYkBOS9bN4yPLi7Re/y6hE4XnhrkYtMWf/5DiYuxIwmlRrkDnj…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4ZiFQvZSdq3+cY6tQxdUXHgs50B3nyy7KDocc6C9dBHsOUSbKIhrBFvVAZufHl24NTBseDnNAXwiFnXaSAXadmH…
selectors probed

Certificate (current)

WE1
from 2026-04-25 to 2026-07-24
Expires in 53 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.carelparts.com/

present
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy-report-only
font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.klevu.com *.ksearchnet.com *.fontawesome.com https://fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https://plumrocket.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doublecli

Links to (5)

Linked from (1)