eauresortandspa.com

HTML metadata

Title: Eau Resort & Spa | Luxury Palm Beach Resort
Description: Escape to Eau Resort & Spa, a 5 Star luxury Palm Beach resort on a private beach with award winning spa, Jonathan Adler designed rooms & more.
Language: en-US
Canonical: https://www.eauresortandspa.com/

Open Graph

url: https://www.eauresortandspa.com/
title: Eau Resort & Spa | Luxury Palm Beach Resort
video: https://cdn.eauresortandspa.com/wp-content/uploads/2026/04/21112957/eau_hero_video_web_final.mp4
locale: en_US
site name: Eau Resort & Spa
description: Escape to Eau Resort & Spa, a 5 Star luxury Palm Beach resort on a private beach with award winning spa, Jonathan Adler designed rooms & more.
updated time: 2026-05-18T14:42:53+00:00

Technology

CDN: Amazon CloudFront
Server: nginx
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (6)

use.typekit.net×3
cdn-cookieyes.com×2
www.thehotelsnetwork.com×2
contact-api.inguest.com×1
p.typekit.net×1
www.googletagmanager.com×1

Social

Contact

Phone

Address

100 SOUTH OCEAN BLVD, 33462, MANALAPAN, FL, US

Registration

Registrar

GoDaddy.com, LLC

Created

2025-12-19

Expires

2028-12-19 944 days left

Updated

2025-12-19

Name servers

ns77.domaincontrol.com
ns78.domaincontrol.com

DNS records live

NS

ns77.domaincontrol.com
ns78.domaincontrol.com

MX

0 eauresortandspa-com.mail.protection.outlook.com

TXT

google-site-verification=yPWcMRPN4MBE7b5FDWsgnzkMTbLjBR3a_Gl8w-YeCT8

Email authentication strong

SPF

v=spf1 ip4:107.0.12.178 ip4:199.125.15.83 ip4:147.154.9.86 ip4:138.1.52.50 ip4:147.154.25.123 include:amazonses.com include:spf_3a.oracleindustry.com include:spf.protection.outlook.com include:authsmtp.com include:spf.synxis.com include:spf.mailanyone.net include:rp.oracleemaildelivery.com include:_spf.sendergen.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; adkim=r; aspf=r; rua=mailto:dmarc_rua@onsecureserver.net;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttAPJ//3leodeeR7nREbGGvxdxe5gizWSV5lp2uhrSjM4IPWjTAY/end97IgMMqH2Gzk5lAen+wqJX…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2026-02-11 to 2027-03-13

Expires in 297 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.eauresortandspa.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bing.com ads.travelaudience.com cdn-cookieyes.com *.facebook.net *.inguest.com *.doubleclick.net *.relay-t.io *.google.com *.googletagmanager.com *.gstatic.com *.thehotelsnetwork.com; script-src-elem 'self' 'unsafe-inline' *.clarity.ms *.pinimg.com *.bing.com cdn-cookieyes.com *.facebook.net *.inguest.com *.doubleclick.net *.googleapis.com *.relay-t.io *.google.com *.googletagmanager.com *.gstatic.com *.opentable.com *.thehotelsnetwork.com ads.travelaudience.com infird.com; script-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.gstatic.com *.typekit.net *.thehotelsnetwork.com *.honey.io; style-src-attr 'unsafe-inline'; img-src 'self' data: *.google.se *.google.mu *.google.ie *.google.gr *.google.cz *.google.com.pk *.google.com.gh *.google.com.co *.google.co.jp *.thehotelsnetwork.com *.googleadservices.com *.google.de *.facebook.net *.bing.com *.bing.net cdn-cookieyes.com *.gstati
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (6)

Linked from (1)

eaupalmbeach.com×1