carolinaherrera.com
carolinaherrera.com
HTML metadata
Technology
- CDN
- Cloudflare
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (6)
- aacdn.nagich.com×1
- cdns.gigya.com×1
- customer-jsjst1fdhj7sipkx.cloudflarestream.com×1
- widgets.swaven.com×1
- wtb-api-hub.swaven.com×1
- www.googletagmanager.com×1
Registration
- Registrar
- Tucows Domains Inc.
- Created
- 1996-05-16
- Expires
- 2027-05-17 361 days left
- Updated
- 2026-03-31
- Name servers
-
- bella.ns.cloudflare.com
- noah.ns.cloudflare.com
DNS records live
- NS
-
- bella.ns.cloudflare.com
- noah.ns.cloudflare.com
- MX
-
- 10 mail-ib-1.puig.com
- 10 mail-ib-1.puig.es
- 20 mail-ib-ip-1.puig.com
- 20 mail-ib-ip-1.puig.es
- TXT
-
Show 6 TXT records
H0E3W26487v=spf1 mx include:_u.carolinaherrera.com._spf.smart.ondmarc.com ~allx7ylcc4jmccyy18x0344mxdc6brr89ws2wqcd08nkv2gdv40rk097qptb0dwbzxh54o0232gb5m39oi5ec7nulrfee6adccb935d2d4096b9f28eb9039bfd62
- Verified for
-
Certificate (current)
E8
Expires in 70 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self'; style-src https: 'unsafe-inline'; style-src-elem https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https: data: wss: blob:; font-src https: data:; frame-src https:; img-src https: data: blob: 'self'; worker-src blob: https:; media-src blob: https:; frame-ancestors 'self' https://www.sephora.ae/ https://perfumeriafirst.com/ https://stg.elpalaciodehierro.com/ https://www.elpalaciodehierro.com/ https://www.perfumesclub.com/- strict-transport-security
max-age=10886400; includeSubDomains; preload