indexo.dev

expertflyer.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-06 · ok HTTP/1.1 200 858 ms crawled 2026-05-06

US · 13.33.235.64 · AS16509 Amazon.com, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
ExpertFlyer: Flight Availability, Seat Maps & Award Upgrades
Description
ExpertFlyer empowers frequent flyers to find award inventory, view in-depth airline seat maps, and set flight alerts. Find your perfect seat and upgrade faster.
Language
en
Canonical
https://expertflyer.com

Technology

CDN
Amazon CloudFront
CMS
Next.js
Cookie consent
  • OneTrust

Third-party hosts loaded (2)

  • cdn.cookielaw.org×1
  • privacyportal-cdn.onetrust.com×1

Social

Contact

Email

Registration

Registrar
GoDaddy Corporate Domains, LLC
Created
2004-01-30
Expires
2027-01-30 256 days left
Updated
2025-02-11
Name servers
  • ns-1422.awsdns-49.org
  • ns-1766.awsdns-28.co.uk
  • ns-451.awsdns-56.com
  • ns-956.awsdns-55.net

DNS records live

NS
  • ns-1422.awsdns-49.org
  • ns-1766.awsdns-28.co.uk
  • ns-451.awsdns-56.com
  • ns-956.awsdns-55.net
MX
  • 10 expertflyer-com.mail.protection.outlook.com
TXT
Show 11 TXT records
  • knowbe4-site-verification=f250b2a70f1bef3a0d3e9e990a25ada0
  • 0ed1fe018a179b6149a02e4d38938cab43b2f5fb03
  • 6f81429fcb0147029402e6e54546a993
  • MS=ms83243141
  • ZOOM_verify_upIVTo8VQrWAP-v5sFk1PA
  • atlassian-domain-verification=dXpMb6IBZlmK7X42/O28YWyiXYn0+90NDFEfrPsBAoAoUsAoDiuicnQAmjbUiyVB
  • canva-site-verification=EMdUAWFD5vk5nqPx_-6IQg
  • globalsign-domain-verification=A55846C4EB0CBA0E841DBB3652C14303
  • google-site-verification=TX7JAahgc-PZV2weJaE8Vxr-PJ0AfrRfjvgOZJI9bA0
  • google-site-verification=VJ3r2fM88BOBHjZfnZqh486Exx3alDuBQrshIoM8wC8
  • growsurf=a50tbo

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:mail.zendesk.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:c86cd61ccfab937@rep.dmarcanalyzer.com; ruf=mailto:c86cd61ccfab937@for.dmarcanalyzer.com; fo=1
policy: quarantine
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy9O75TKVEaoyv4pjVbnnY9pu2tjswnx/F/glsFjXzlXyA8aCIvIlUaMFbPfjAzE2pGMZTF1WZG9AV2JrH…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLNxHMyZBYTt2ACVzrBAbGUrWWigV8DELlS4G8OoppH9XIUatDcjHaakzbG+mDcfmQc7ofFBcSprzwN6bi…
selectors probed

Certificate (current)

Amazon RSA 2048 M04
from 2026-04-11 to 2026-10-26
Expires in 160 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.expertflyer.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.recurly.com https://cdn.cookielaw.org https://privacyportal-cdn.onetrust.com https://www.googletagmanager.com https://connect.facebook.net https://*.facebook.com https://capig.madgicx.ai https://*.amplitude.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://adservice.google.com https://app.growsurf.com https://*.growsurf.com; style-src 'self' 'unsafe-inline' https://*.recurly.com https://privacyportal-cdn.onetrust.com https://*.amplitude.com; connect-src 'self' https://*.recurly.com https://cdn.cookielaw.org https://privacyportal-cdn.onetrust.com https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal.onetrust.com https://www.googletagmanager.com https://www.google-analytics.com https://analytics.google.com https://www.google.com https://connect.facebook.net https://*.facebook.com https://graph.facebook.com https://capig.madg

Links to (7)

Linked from (1)