indexo.dev

flinthorn.com

.com crawl

First seen 2026-04-12 · Last seen 2026-05-19 · ok HTTP/1.1 200 257 ms crawled 2026-05-19

US · 104.21.1.155 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Website Design and SEO Services | FlintHorn
Description
FlintHorn builds websites where design and SEO work as one. We specialize in web design, SEO, migrations, and redesigns, built to rank, built to convert.
Language
en
Canonical
https://flinthorn.com

Open Graph

url
https://flinthorn.com
title
Website Design and SEO Services | FlintHorn
description
FlintHorn builds websites where design and SEO work as one. We specialize in web design, SEO, migrations, and redesigns, built to rank, built to convert.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • cdn.sanity.io×7
  • fonts.googleapis.com×4
  • fonts.gstatic.com×1
  • newt.io×1
  • www.googletagmanager.com×1

Registration

Registrar
Cloudflare, Inc.
Created
2026-03-19
Expires
2027-03-19 302 days left
Updated
2026-03-19
Name servers
  • aria.ns.cloudflare.com
  • karl.ns.cloudflare.com

DNS records live

NS
  • aria.ns.cloudflare.com
  • karl.ns.cloudflare.com
MX
  • 10 route2.mx.cloudflare.net
  • 83 route1.mx.cloudflare.net
  • 85 route3.mx.cloudflare.net
Verified for
  • Google

Email authentication weak

SPF
v=spf1 include:_spf.mx.cloudflare.net ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-05-17 to 2026-08-15
Expires in 87 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://flinthorn.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://newt.io https://*.newt.io https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://cdn.sanity.io https://www.google-analytics.com https://www.googletagmanager.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sanity.io https://newt.io https://*.newt.io https://static.cloudflareinsights.com; frame-src 'self' https://newt.io https://*.newt.io; worker-src 'self' blob:; child-src blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin

Linked from (1)