indexo.dev

carnemare.com

.com crawl

First seen 2026-04-27 · Last seen 2026-05-17 · ok HTTP/1.1 200 6188 ms crawled 2026-05-05

US · 151.101.1.75 · AS54113 Fastly, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Carne Mare | An Italian Chophouse by Chef Andrew Carmellini in the Seaport District, New York City
Description
Carne Mare is an Italian Chophouse by Chef Andrew Carmellini offering prime cuts of steaks, fine seafood, and Italian specialties.
Language
en-US
Canonical
https://www.carnemare.com/

Open Graph

url
https://www.carnemare.com/
title
Carne Mare | An Italian Chophouse by Chef Andrew Carmellini in the Seaport District, New York City
site name
Carne Mare
description
Carne Mare is an Italian Chophouse by Chef Andrew Carmellini offering prime cuts of steaks, fine seafood, and Italian specialties.

Technology

Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (13)
  • images.getbento.com×12
  • theme-assets.getbento.com×4
  • app-assets.getbento.com×3
  • www.googletagmanager.com×2
  • assets-cdn-refresh.getbento.com×1
  • cdnjs.cloudflare.com×1
  • fonts.googleapis.com×1
  • fonts.gstatic.com×1
  • media-cdn.getbento.com×1
  • widgets.resy.com×1
  • wsv3cdn.audioeye.com×1
  • www.google.com×1
  • www.gstatic.com×1

Social

Registration

Registrar
pair Networks, Inc. d/b/a pair Domains
Created
2018-06-13
Expires
2029-06-13 1119 days left
Updated
2026-04-23
Name servers
  • ns5.pairnic.com
  • ns6.pairnic.com

DNS records live

NS
  • ns5.pairnic.com
  • ns6.pairnic.com
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • v=spf1 include:_spf.google.com include:servers.mcsv.net ~all
Verified for
  • Google

Certificate (current)

R13
from 2026-04-23 to 2026-07-22
Expires in 63 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.carnemare.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • cross-origin-opener-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
content-security-policy
default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' * https://cdn.us.heap-api.com https://heapanalytics.com https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval'; script-src-elem * https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' * https://heapanalytics.com https://viewer.threshold360.com blob: data:; style-src 'self' * https://heapanalytics.com https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' * https://c.us.heap-api.com https://heapanalytics.com https://viewer.threshold360.com wss://viewer.threshold360.com blob:; font-src 'self' * https://heapanalytics.com https://viewer.threshold360.com data:; frame-src 'self' * https://viewer.threshold360.com; worker-src * blob:; media-src * blob: data:; frame-ancestors 'self';
strict-transport-security
max-age=2592000; includeSubDomains
cross-origin-opener-policy
same-origin

Links to (6)

Linked from (1)