indexo.dev

casacaracol.es

.es crawl

First seen 2026-06-03 · Last seen 2026-06-03 · ok HTTP/1.1 200 862 ms crawled 2026-06-03

US · 172.67.176.115 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Casa Caracol
Language
es

Technology

CDN
Cloudflare
CMS
Gatsby
Stack
PHP
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • fonts.googleapis.com×4
  • www.googletagmanager.com×3

Social

Contact

Phone

DNS records live

NS
  • carl.ns.cloudflare.com
  • katja.ns.cloudflare.com
MX
  • 1 casacaracol-es.mail.protection.outlook.com
  • 10 casacaracol-es.mail.protection.outlook.com
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:_spf.serviciodecorreo.es include:musvc.com include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none
policy: none (monitoring only)
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

E8
from 2026-05-09 to 2026-08-07
Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://casacaracol.es/

present
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • weak frame protection
  • weak content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff, nosniff
content-security-policy-report-only
font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https://fonts.gstatic.com https://www.google.com https://www.gstatic.com https://fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors self www.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https://www

Links to (5)

Linked from (1)